Top 10 Arxiv Papers Today in Cryptography And Security


2.276 Mikeys
#1. A Cryptoeconomic Traffic Analysis of Bitcoins Lightning Network
Ferenc Beres, Istvan Andras Seres, Andras A. Benczur
Lightning Network (LN) is designed to amend the scalability and privacy issues of Bitcoin. It is a payment channel network where Bitcoin transactions are issued off the blockchain and onion routed through a private payment path with the aim to settle transactions in a faster, cheaper, and more private manner, as they are not recorded in a costly-to-maintain, slow, and public ledger. In this work, we design a traffic simulator to empirically study LN's transaction fees and privacy provisions. The simulator relies only on publicly available data of the network structure and capacities, and generates transactions under assumptions that we attempt to validate based on information spread by certain blog posts of LN node owners. Our findings on the estimated revenue from transaction fees are in line with the widespread opinion that participation is economically irrational for the majority of the large routing nodes. Either traffic or transaction fees must increase by orders of magnitude to make payment routing economically viable. We...
more | pdf | html
Figures
Tweets
el33th4xor: Academic studies are beginning to corroborate what the experts warned about the Lightning Network: https://t.co/LJgByaNQin https://t.co/rqja1lbn4g
marc_ahx: [1911.09432] A Cryptoeconomic Traffic Analysis of Bitcoins Lightning Network - https://t.co/jkTojKh6cY on @arxiv #infosec #crypto
Istvan_A_Seres: Want to learn more about financial incentives given in Lightning Network for participating as a router and about LN's privacy provisions? Check our pre-print out: https://t.co/4mCTDKWW4B Joint work with @ferencberes91 and @BenczurAndras GitHub: https://t.co/L1LoNYWcEC Thread/
vinarmani: RT @el33th4xor: Academic studies are beginning to corroborate what the experts warned about the Lightning Network: https://t.co/LJgByaNQin…
ofnumbers: RT @el33th4xor: Academic studies are beginning to corroborate what the experts warned about the Lightning Network: https://t.co/LJgByaNQin…
matthew_d_green: RT @el33th4xor: Academic studies are beginning to corroborate what the experts warned about the Lightning Network: https://t.co/LJgByaNQin…
kristovatlas: RT @el33th4xor: Academic studies are beginning to corroborate what the experts warned about the Lightning Network: https://t.co/LJgByaNQin…
DavidShares: RT @el33th4xor: Academic studies are beginning to corroborate what the experts warned about the Lightning Network: https://t.co/LJgByaNQin…
danicellero: RT @el33th4xor: Academic studies are beginning to corroborate what the experts warned about the Lightning Network: https://t.co/LJgByaNQin…
GiulioWolfe: RT @el33th4xor: Academic studies are beginning to corroborate what the experts warned about the Lightning Network: https://t.co/LJgByaNQin…
btcplanet: RT @el33th4xor: Academic studies are beginning to corroborate what the experts warned about the Lightning Network: https://t.co/LJgByaNQin…
Bit_Faced: RT @el33th4xor: Academic studies are beginning to corroborate what the experts warned about the Lightning Network: https://t.co/LJgByaNQin…
RicardOruka: RT @el33th4xor: Academic studies are beginning to corroborate what the experts warned about the Lightning Network: https://t.co/LJgByaNQin…
TCRPartyBot: RT @el33th4xor: Academic studies are beginning to corroborate what the experts warned about the Lightning Network: https://t.co/LJgByaNQin…
Istvan_A_Seres: RT @el33th4xor: Academic studies are beginning to corroborate what the experts warned about the Lightning Network: https://t.co/LJgByaNQin…
ANFawks: RT @el33th4xor: Academic studies are beginning to corroborate what the experts warned about the Lightning Network: https://t.co/LJgByaNQin…
NodeCryptoIco: RT @el33th4xor: Academic studies are beginning to corroborate what the experts warned about the Lightning Network: https://t.co/LJgByaNQin…
LionOfNarnia: RT @el33th4xor: Academic studies are beginning to corroborate what the experts warned about the Lightning Network: https://t.co/LJgByaNQin…
nilspn: RT @el33th4xor: Academic studies are beginning to corroborate what the experts warned about the Lightning Network: https://t.co/LJgByaNQin…
LovelyFeyd: RT @el33th4xor: Academic studies are beginning to corroborate what the experts warned about the Lightning Network: https://t.co/LJgByaNQin…
hasanshaddad: RT @el33th4xor: Academic studies are beginning to corroborate what the experts warned about the Lightning Network: https://t.co/LJgByaNQin…
danjaheny: RT @el33th4xor: Academic studies are beginning to corroborate what the experts warned about the Lightning Network: https://t.co/LJgByaNQin…
srknoron: RT @el33th4xor: Academic studies are beginning to corroborate what the experts warned about the Lightning Network: https://t.co/LJgByaNQin…
Github

Lightning Network Traffic Simulator

Repository: LNTrafficSimulator
User: ferencberes
Language: Python
Stargazers: 0
Subscribers: 2
Forks: 0
Open Issues: 0
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 3
Total Words: 12040
Unqiue Words: 3198

2.026 Mikeys
#2. The Performance of Machine and Deep Learning Classifiers in Detecting Zero-Day Vulnerabilities
Faranak Abri, Sima Siami-Namini, Mahdi Adl Khanghah, Fahimeh Mirza Soltani, Akbar Siami Namin
The detection of zero-day attacks and vulnerabilities is a challenging problem. It is of utmost importance for network administrators to identify them with high accuracy. The higher the accuracy is, the more robust the defense mechanism will be. In an ideal scenario (i.e., 100% accuracy) the system can detect zero-day malware without being concerned about mistakenly tagging benign files as malware or enabling disruptive malicious code running as none-malicious ones. This paper investigates different machine learning algorithms to find out how well they can detect zero-day malware. Through the examination of 34 machine/deep learning classifiers, we found that the random forest classifier offered the best accuracy. The paper poses several research questions regarding the performance of machine and deep learning algorithms when detecting zero-day malware with zero rates for false positive and false negative.
more | pdf | html
Figures
None.
Tweets
arxiv_cs_LG: The Performance of Machine and Deep Learning Classifiers in Detecting Zero-Day Vulnerabilities. Faranak Abri, Sima Siami-Namini, Mahdi Adl Khanghah, Fahimeh Mirza Soltani, and Akbar Siami Namin https://t.co/jfSly0Q4kA
Memoirs: The Performance of Machine and Deep Learning Classifiers in Detecting Zero-Day Vulnerabilities. https://t.co/v3fn7lqwid
Github
None.
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 5
Total Words: 0
Unqiue Words: 0

2.005 Mikeys
#3. Automatic Driver Identification from In-Vehicle Network Logs
Mina Remeli, Szilvia Lestyan, Gergely Acs, Gergely Biczok
Data generated by cars is growing at an unprecedented scale. As cars gradually become part of the Internet of Things (IoT) ecosystem, several stakeholders discover the value of in-vehicle network logs containing the measurements of the multitude of sensors deployed within the car. This wealth of data is also expected to be exploitable by third parties for the purpose of profiling drivers in order to provide personalized, valueadded services. Although several prior works have successfully demonstrated the feasibility of driver re-identification using the in-vehicle network data captured on the vehicle's CAN (Controller Area Network) bus, they inferred the identity of the driver only from known sensor signals (such as the vehicle's speed, brake pedal position, steering wheel angle, etc.) extracted from the CAN messages. However, car manufacturers intentionally do not reveal exact signal location and semantics within CAN logs. We show that the inference of driver identity is possible even with off-the-shelf machine learning...
more | pdf | html
Figures
Tweets
StatsPapers: Automatic Driver Identification from In-Vehicle Network Logs. https://t.co/11ESlxOHbM
Github
None.
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 4
Total Words: 7101
Unqiue Words: 2415

1.998 Mikeys
#4. Application Level Authentication for Ethereum Private Blockchain Atomic Crosschain Transactions
Peter Robinson
Atomic Crosschain Transaction technology allows composable programming across private Ethereum blockchains. It allows for inter-contract and inter-blockchain function calls that are both synchronous and atomic: if one part fails, the whole call graph of function calls is rolled back. Traditional Ethereum contract functions can limit which accounts can call them by specialised application program logic. This is important as it allows application developers to specify which callers can execute functions that update contract state. In this paper we introduce the strategy required to restrict which contracts on one blockchain can call a function in a contract that is deployed on another blockchain. We show that validating the Originating Blockchain Id (the blockchain the crosschain function call started on), From Blockchain Id, and From Account provides contracts with certainty that a function call came from a specific contract on a specific blockchain.
more | pdf | html
Figures
Tweets
Github
None.
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 1
Total Words: 3770
Unqiue Words: 984

1.998 Mikeys
#5. Volenti non fit injuria: Ransomware and its Victims
Amir Atapour-Abarghouei, Stephen Bonner, Andrew Stephen McGough
With the recent growth in the number of malicious activities on the internet, cybersecurity research has seen a boost in the past few years. However, as certain variants of malware can provide highly lucrative opportunities for bad actors, significant resources are dedicated to innovations and improvements by vast criminal organisations. Among these forms of malware, ransomware has experienced a significant recent rise as it offers the perpetrators great financial incentive. Ransomware variants operate by removing system access from the user by either locking the system or encrypting some or all of the data, and subsequently demanding payment or ransom in exchange for returning system access or providing a decryption key to the victim. Due to the ubiquity of sensitive data in many aspects of modern life, many victims of such attacks, be they an individual home user or operators of a business, are forced to pay the ransom to regain access to their data, which in many cases does not happen as renormalisation of system operations is...
more | pdf | html
Figures
Tweets
Github
None.
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 3
Total Words: 6191
Unqiue Words: 2260

1.998 Mikeys
#6. MuonTrap: Preventing Cross-Domain Spectre-Like Attacks by Capturing Speculative State
Sam Ainsworth, Timothy M. Jones
The disclosure of the Spectre speculative-execution attacks in January 2018 has left a severe vulnerability that systems are still struggling with how to patch. The solutions that currently exist tend to have incomplete coverage, perform badly, or have highly undesirable edge cases that cause application domains to break. MuonTrap allows processors to continue to speculate, avoiding significant reductions in performance, without impacting security. We instead prevent the propagation of any state based on speculative execution, by placing the results of speculative cache accesses into a small, fast L0 filter cache, that is non-inclusive, non-exclusive with the rest of the cache hierarchy. This isolates all parts of the system that can't be quickly cleared on any change in threat domain. MuonTrap uses these speculative filter caches, which are cleared on context and protection-domain switches, along with a series of extensions to the cache coherence protocol and prefetcher. This renders systems immune to cross-domain information...
more | pdf | html
Figures
None.
Tweets
cynicalsecurity: S. Ainsworth and T. Jones, “MuonTrap: Preventing Cross-Domain Spectre-Like Attacks by Capturing Speculative State” [abstract as an image] https://t.co/qhQOkXlZOo https://t.co/ADGxLoOxYW
Underfox3: In this paper, researchers have proposed a new approach to mitigate speculative side-channel exploits between domains at low overheads in hardware, without removing speculation, by adding speculative filter caches to store vulnerable state. https://t.co/zeXL48SXIm https://t.co/vvGuXw1JOz
Github
None.
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 2
Total Words: 10738
Unqiue Words: 2858

1.998 Mikeys
#7. Protecting RESTful IoT Devices from Battery Exhaustion DoS Attacks
Stefan Hristozov, Manuel Huber, Georg Sigl
Many IoT use cases involve constrained battery-powered devices offering services in a RESTful manner to their communication partners. Such services may involve, e.g., costly computations or actuator/sensor usage, which may have significant influence on the power consumption of the service Providers. Remote attackers may excessively use those services in order to exhaust the Providers' batteries, which is a form of a Denial of Service (DoS) attack. Previous work proposed solutions based on lightweight symmetric authentication. These solutions scale poorly due to requiring pre-shared keys and do not provide protection against compromised service Requesters. In contrast, we consider more powerful attackers even capable of compromising legit Requesters. We propose a method that combines attacker detection and throttling, conducted by a third trusted Backend, with a lightweight authentication protocol. For attacker detection and throttling, we propose a novel approach using rate limitation algorithms. In addition, we propose and...
more | pdf | html
Figures
None.
Tweets
cynicalsecurity: S. Hristozov et al., “Protecting RESTful IoT Devices from Battery Exhaustion DoS Attacks” […we propose a method that combines attacker detection and throttling, conducted by a third trusted Backend, with a lightweight authentication protocol…] https://t.co/vLDzEEJNM5
marc_ahx: [1911.08134] Protecting RESTful IoT Devices from Battery Exhaustion DoS Attacks - https://t.co/UMkZQ2Px8t on @arxiv
Github
None.
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 3
Total Words: 0
Unqiue Words: 0

1.998 Mikeys
#8. Entanglement-based quantum private comparison protocol with bit-flipping
Zhao-Xu Ji, Pei-Ru Fan, Hou-Zhen Wang, Huan-Guo Zhang
Quantum private comparison (QPC), whose security is based on the laws of quantum mechanics, allows at least two participants who do not trust each other to compare whether their secret data are the same while maintaining data privacy. Here, by introducing a semi-honest third party, we propose a novel QPC protocol using (n+1)-qubit (n\ge2) Greenberger-Horne-Zeilinger (GHZ) states as information carriers. The parameter n not only determines the number of qubits contained in a GHZ state, but also determines the probability that the third party can successfully steal participants' data and the qubit efficiency. Our protocol uses the keys generated by quantum key distribution and bit-flipping for privacy protection, making both outsider and insider attacks invalid. In addition, our protocol does not employ any other quantum technologies (e.g., entanglement swapping and unitary operations) except necessary technologies such as quantum measurements, which can reduce the need for quantum devices. Furthermore, the GHZ states are prepared...
more | pdf | html
Figures
None.
Tweets
Github
None.
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 4
Total Words: 7468
Unqiue Words: 1913

1.986 Mikeys
#9. Insider threats in Cyber Security: The enemy within the gates
Guerrino Mazzarolo, Anca Delia Jurcut
Insider threats have become reality for civilian firms such as Tesla, which experienced sabotage and intellectual property theft, and Capital One, which suffered from fraud. Even greater social impact was caused by the data breach at the US Department of Defense, perpetrated by well-known attackers Chelsea Manning and Edward Snowden, whose espionage and hacktivist activities are widely known. The dramatic increase of such incidents in recent years and the incalculable damage committed by insiders must serve as a warning for all members of the cyber security community. It is no longer acceptable to continue to underestimate the problem of insider threats. Firms, organizations, institutions and governments need to lead and embrace a cultural change in their security posture. Through the adoption of an Insider Threat Program that engages all the strategic branches (including HR, Legal, Information Assurance, Cyber Security and Intelligence), coordinated by the chief information security officer and supported by c-level executive, it...
more | pdf | html
Figures
None.
Tweets
Github
None.
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 2
Total Words: 0
Unqiue Words: 0

1.986 Mikeys
#10. Anonymizing Masses: Practical Light-weight Anonymity at the Network Level
Hooman Mohajeri Moghaddam, Arsalan Mosenia
In an era of pervasive online surveillance, Internet users are in need of better anonymity solutions for online communications without sacrificing performance. Existing overlay anonymity tools, such as the Tor network, suffer from performance limitations and recent proposals to embed anonymity into Internet protocols face fundamental deployment challenges. In this paper, we introduce Practical Anonymity at the NEtwork Level (PANEL), a practical light-weight anonymity solution based on hardware switching. We implement a prototype of PANEL on a high-performance hardware switch (namely, Barefoot Tofino) using P4 network programming language, and examine the validity and performance of the prototype. Based on our empirical results, PANEL achieves 96% of the actual throughput of the switch and adds a low-latency overhead (e.g., 3% overhead in Skype calls), while offering partial deployablility and transparency (i.e., PANEL requires neither client-side nor server-side modifications).
more | pdf | html
Figures
None.
Tweets
Github
None.
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 2
Total Words: 0
Unqiue Words: 0

About

Assert is a website where the best academic papers on arXiv (computer science, math, physics), bioRxiv (biology), BITSS (reproducibility), EarthArXiv (earth science), engrXiv (engineering), LawArXiv (law), PsyArXiv (psychology), SocArXiv (social science), and SportRxiv (sport research) bubble to the top each day.

Papers are scored (in real-time) based on how verifiable they are (as determined by their Github repos) and how interesting they are (based on Twitter).

To see top papers, follow us on twitter @assertpub_ (arXiv), @assert_pub (bioRxiv), and @assertpub_dev (everything else).

To see beautiful figures extracted from papers, follow us on Instagram.

Tracking 226,490 papers.

Search
Sort results based on if they are interesting or reproducible.
Interesting
Reproducible
Categories
All
Astrophysics
Cosmology and Nongalactic Astrophysics
Earth and Planetary Astrophysics
Astrophysics of Galaxies
High Energy Astrophysical Phenomena
Instrumentation and Methods for Astrophysics
Solar and Stellar Astrophysics
Condensed Matter
Disordered Systems and Neural Networks
Mesoscale and Nanoscale Physics
Materials Science
Other Condensed Matter
Quantum Gases
Soft Condensed Matter
Statistical Mechanics
Strongly Correlated Electrons
Superconductivity
Computer Science
Artificial Intelligence
Hardware Architecture
Computational Complexity
Computational Engineering, Finance, and Science
Computational Geometry
Computation and Language
Cryptography and Security
Computer Vision and Pattern Recognition
Computers and Society
Databases
Distributed, Parallel, and Cluster Computing
Digital Libraries
Discrete Mathematics
Data Structures and Algorithms
Emerging Technologies
Formal Languages and Automata Theory
General Literature
Graphics
Computer Science and Game Theory
Human-Computer Interaction
Information Retrieval
Information Theory
Machine Learning
Logic in Computer Science
Multiagent Systems
Multimedia
Mathematical Software
Numerical Analysis
Neural and Evolutionary Computing
Networking and Internet Architecture
Other Computer Science
Operating Systems
Performance
Programming Languages
Robotics
Symbolic Computation
Sound
Software Engineering
Social and Information Networks
Systems and Control
Economics
Econometrics
General Economics
Theoretical Economics
Electrical Engineering and Systems Science
Audio and Speech Processing
Image and Video Processing
Signal Processing
General Relativity and Quantum Cosmology
General Relativity and Quantum Cosmology
High Energy Physics - Experiment
High Energy Physics - Experiment
High Energy Physics - Lattice
High Energy Physics - Lattice
High Energy Physics - Phenomenology
High Energy Physics - Phenomenology
High Energy Physics - Theory
High Energy Physics - Theory
Mathematics
Commutative Algebra
Algebraic Geometry
Analysis of PDEs
Algebraic Topology
Classical Analysis and ODEs
Combinatorics
Category Theory
Complex Variables
Differential Geometry
Dynamical Systems
Functional Analysis
General Mathematics
General Topology
Group Theory
Geometric Topology
History and Overview
Information Theory
K-Theory and Homology
Logic
Metric Geometry
Mathematical Physics
Numerical Analysis
Number Theory
Operator Algebras
Optimization and Control
Probability
Quantum Algebra
Rings and Algebras
Representation Theory
Symplectic Geometry
Spectral Theory
Statistics Theory
Mathematical Physics
Mathematical Physics
Nonlinear Sciences
Adaptation and Self-Organizing Systems
Chaotic Dynamics
Cellular Automata and Lattice Gases
Pattern Formation and Solitons
Exactly Solvable and Integrable Systems
Nuclear Experiment
Nuclear Experiment
Nuclear Theory
Nuclear Theory
Physics
Accelerator Physics
Atmospheric and Oceanic Physics
Applied Physics
Atomic and Molecular Clusters
Atomic Physics
Biological Physics
Chemical Physics
Classical Physics
Computational Physics
Data Analysis, Statistics and Probability
Physics Education
Fluid Dynamics
General Physics
Geophysics
History and Philosophy of Physics
Instrumentation and Detectors
Medical Physics
Optics
Plasma Physics
Popular Physics
Physics and Society
Space Physics
Quantitative Biology
Biomolecules
Cell Behavior
Genomics
Molecular Networks
Neurons and Cognition
Other Quantitative Biology
Populations and Evolution
Quantitative Methods
Subcellular Processes
Tissues and Organs
Quantitative Finance
Computational Finance
Economics
General Finance
Mathematical Finance
Portfolio Management
Pricing of Securities
Risk Management
Statistical Finance
Trading and Market Microstructure
Quantum Physics
Quantum Physics
Statistics
Applications
Computation
Methodology
Machine Learning
Other Statistics
Statistics Theory
Feedback
Online
Stats
Tracking 226,490 papers.