• arXiv.cs.CR Pub Date : 2020-09-24
Daniele Antonioli; Nils Ole Tippenhauer; Kasper Rasmussen; Mathias Payer

The Bluetooth standard specifies two incompatible wireless transports: Bluetooth Classic (BT) for high-throughput services and Bluetooth Low Energy (BLE) for very low-power services. BT and BLE have different security architectures and threat models, but they use similar security mechanisms. In particular, pairing enables two devices to establish a long term key to secure the communication. Two devices

Updated: 2020-09-25
• arXiv.cs.CR Pub Date : 2020-09-24
Miguel Araujo; Miguel Almeida; Jaime Ferreira; Luis Silva; Pedro Bizarro

Bank transaction fraud results in over $13B annual losses for banks, merchants, and card holders worldwide. Much of this fraud starts with a Point-of-Compromise (a data breach or a skimming operation) where credit and debit card digital information is stolen, resold, and later used to perform fraud. We introduce this problem and present an automatic Points-of-Compromise (POC) detection procedure. BreachRadar

Updated: 2020-09-25
• arXiv.cs.CR Pub Date : 2020-09-24
Hui Zhu; Christian Gehrmann

Along with the rapid development of cloud computing technology, containerization technology has drawn much attention from both industry and academia. In this paper, we perform a comparative measurement analysis of Docker-sec, which is a Linux Security Module proposed in 2018, and a new AppArmor profile generator called Lic-Sec, which combines Docker-sec with a modified version of LiCShield, which is

Updated: 2020-09-25
• arXiv.cs.CR Pub Date : 2020-09-24
Renpeng Zou, School of Cyber Engineering, Xidian University, Xian, China; Xixiang Lv, School of Cyber Engineering, Xidian University, Xian, China

Increasing awareness of privacy preservation has led to a strong focus on anonymous systems protecting anonymity. By studying early schemes, we summarize some intractable problems of anonymous systems. A centralized setting is a universal problem, since most anonymous systems rely on central proxies or preset nodes to forward and mix messages, which compromises users' privacy in some way. Besides

Updated: 2020-09-25
• arXiv.cs.CR Pub Date : 2020-09-24
Majid Rafiei; Wil M. P. van der Aalst

Process mining techniques such as process discovery and conformance checking provide insights into actual processes by analyzing event data that are widely available in information systems. These data are very valuable, but often contain sensitive information, and process analysts need to balance confidentiality and utility. Privacy issues in process mining are recently receiving more attention from

Updated: 2020-09-25
• arXiv.cs.CR Pub Date : 2020-09-24
Ehsan Aghaei; Waseem Shadid; Ehab Al-Shaer

The Common Vulnerabilities and Exposures (CVE) represent standard means for sharing publicly known information security vulnerabilities. One or more CVEs are grouped into the Common Weakness Enumeration (CWE) classes for the purpose of understanding the software or configuration flaws and potential impacts enabled by these vulnerabilities and identifying means to detect or prevent exploitation. As

Updated: 2020-09-25
• arXiv.cs.CR Pub Date : 2020-09-24
Hetong Jiang; Taejun Choi; Ryan K. L. Ko

Cybersecurity tools are increasingly automated with artificial intelligence (AI) capabilities to match the exponential scale of attacks, compensate for the relatively slower rate of training new cybersecurity talent, and improve the accuracy and performance of both tools and users. However, the safe and appropriate usage of autonomous cyber attack tools - especially at the development stages for

Updated: 2020-09-25
• arXiv.cs.CR Pub Date : 2020-09-24
Riadul Islam; Rafi Ud Daula Refat; Sai Manikanta Yerram; Hafiz Malik

We propose a new hybrid clock distribution scheme that uses global current-mode (CM) and local voltage-mode (VM) clocking to distribute a high-performance clock signal with reduced power consumption. In order to enable hybrid clocking, we propose two new current-to-voltage converters. The converters are simple current receiver circuits based on amplifier and current-mirror circuits. The global clocking

Updated: 2020-09-25
• arXiv.cs.CR Pub Date : 2020-09-24
Chenwei Wu; Chenzhuang Du; Yang Yuan

In the classical multi-party computation setting, multiple parties jointly compute a function without revealing their own input data. We consider a variant of this problem, where the input data can be shared for machine learning training purposes, but the data are also encrypted so that they cannot be recovered by other parties. We present a rotation based method using flow model, and theoretically

Updated: 2020-09-25
• arXiv.cs.CR Pub Date : 2020-09-23
Matthias Rottmann; Mathis Peyron; Natasa Krejic; Hanno Gottschalk

Deep neural networks (DNNs) have proven to be powerful tools for processing unstructured data. However, for high-dimensional data, like images, they are inherently vulnerable to adversarial attacks. Small, almost invisible perturbations added to the input can be used to fool DNNs. Various attacks, hardening methods and detection methods have been introduced in recent years. Notoriously, Carlini-Wagner

Updated: 2020-09-25
• arXiv.cs.CR Pub Date : 2020-09-23
Punam Bedi; Neha Gupta; Vinita Jindal

NIDSs identify malicious activities by analyzing network traffic. NIDSs are trained with the samples of benign and intrusive network traffic. Training samples belong to either majority or minority classes depending upon the number of available instances. Majority classes consist of abundant samples for the normal traffic as well as for recurrent intrusions, whereas minority classes include fewer samples

Updated: 2020-09-25
• arXiv.cs.CR Pub Date : 2020-09-23
Laszlo Erdodi; Fabio Massimo Zennaro

Website hacking is a frequent attack type used by malicious actors to obtain confidential information, modify the integrity of web pages or make websites unavailable. The tools used by attackers are becoming more and more automated and sophisticated, and malicious machine learning agents seem to be the next development in this line. In order to provide ethical hackers with similar tools, and to understand

Updated: 2020-09-24
• arXiv.cs.CR Pub Date : 2020-09-23
Swanand Kadhe; Nived Rajaraman; O. Ozan Koyluoglu; Kannan Ramchandran

Recent attacks on federated learning demonstrate that keeping the training data on clients' devices does not provide sufficient privacy, as the model parameters shared by clients can leak information about their training data. A 'secure aggregation' protocol enables the server to aggregate clients' models in a privacy-preserving manner. However, existing secure aggregation protocols incur high com

Updated: 2020-09-24
• arXiv.cs.CR Pub Date : 2020-09-21
Maanak Gupta; Sudip Mittal; Mahmoud Abdelsalam

The use of Artificial Intelligence (AI) and Machine Learning (ML) to solve cybersecurity problems has been gaining traction within industry and academia, in part as a response to widespread malware attacks on critical systems, such as cloud infrastructures, government offices or hospitals, and the vast amounts of data they generate. AI- and ML-assisted cybersecurity offers data-driven automation that

Updated: 2020-09-24
• arXiv.cs.CR Pub Date : 2020-09-20
Vahid Shahrivari; Mohammad Mahdi Darabi; Mohammad Izadi

The Internet has become an indispensable part of our life. However, it also has provided opportunities to anonymously perform malicious activities like phishing. Phishers try to deceive their victims by social engineering or creating mock-up websites to steal information such as account ID, username, and password from individuals and organizations. Although many methods have been proposed to detect phishing

Updated: 2020-09-24
• arXiv.cs.CR Pub Date : 2020-09-23
Malte Breuer; Ulrike Meyer; Susanne Wetzel; Anja Mühlfeld

Kidney donations from living donors form an attractive alternative to long waiting times on a list for a post-mortem donation. However, even if a living donor for a given patient is found, the donor's kidney might not meet the patient's medical requirements. If several patients are in this position, they may be able to exchange donors in a cyclic fashion. Current algorithmic approaches for determining

Updated: 2020-09-24
• arXiv.cs.CR Pub Date : 2020-09-23
Prabal Banerjee; Chander Govindarajan; Praveen Jayachandran; Sushmita Ruj

Content sharing platforms such as Youtube and Vimeo have promoted pay per view models for artists to monetize their content. Yet, artists remain at the mercy of centralized platforms that control content listing and advertisement, with little transparency and fairness in terms of number of views or revenue. On the other hand, consumers are distanced from the publishers and cannot authenticate originality

Updated: 2020-09-24
• arXiv.cs.CR Pub Date : 2020-09-23
Nicholas Carlini

A recent defense proposes to inject "honeypots" into neural networks in order to detect adversarial attacks. We break the baseline version of this defense by reducing the detection true positive rate to 0% and the detection AUC to 0.02, maintaining the original distortion bounds. The authors of the original paper have amended the defense in their CCS'20 paper to mitigate this attack. To aid further

Updated: 2020-09-24
• arXiv.cs.CR Pub Date : 2020-09-23
Zhuoran Ma; Jianfeng Ma; Yinbin Miao; Ximeng Liu; Kim-Kwang Raymond Choo; Robert H. Deng

Federated learning has become prevalent in medical diagnosis due to its effectiveness in training a federated model among multiple health institutions (i.e. Data Islands (DIs)). However, increasingly massive DI-level poisoning attacks have shed light on a vulnerability in federated learning, which inject poisoned data into certain DIs to corrupt the availability of the federated model. Previous works

Updated: 2020-09-24
• arXiv.cs.CR Pub Date : 2020-09-23
Jinyuan Chen

Byzantine agreement (BA) is a distributed consensus problem where $n$ processors want to reach agreement on an $\ell$-bit message or value, but up to $t$ of the processors are dishonest or faulty. The challenge of this BA problem lies in achieving agreement despite the presence of dishonest processors who may arbitrarily deviate from the designed protocol. The quality of a BA protocol is measured primarily

Updated: 2020-09-24
• arXiv.cs.CR Pub Date : 2020-09-22
Ankit Srivastava; Samira Pouyanfar; Joshua Allen; Ken Johnston; Qida Ma

Computation of Mutual Information (MI) helps understand the amount of information shared between a pair of random variables. Automated feature selection techniques based on MI ranking are regularly used to extract information from sensitive datasets exceeding petabytes in size, over millions of features and classes. Series of one-vs-all MI computations can be cascaded to produce n-fold MI results,

Updated: 2020-09-24
• arXiv.cs.CR Pub Date : 2020-09-22
Ruizhe Gu; Ping Wang; Mengce Zheng; Honggang Hu; Nenghai Yu

Numerous previous works have studied deep learning algorithms applied in the context of side-channel attacks, which demonstrated the ability to perform successful key recoveries. These studies show that modern cryptographic devices are increasingly threatened by side-channel attacks with the help of deep learning. However, the existing countermeasures are designed to resist classical side-channel attacks

Updated: 2020-09-23
• arXiv.cs.CR Pub Date : 2020-09-19
Yaguan Qian; Qiqi Shao; Jiamin Wang; Xiang Lin; Yankai Guo; Zhaoquan Gu; Bin Wang; Chunming Wu

With the boom of edge intelligence, its vulnerability to adversarial attacks becomes an urgent problem. The so-called adversarial example can fool a deep learning model on the edge node into misclassifying. Due to the property of transferability, the adversary can easily make a black-box attack using a local substitute model. Nevertheless, the limited resources of edge nodes cannot afford a complicated

Updated: 2020-09-23
• arXiv.cs.CR Pub Date : 2020-09-19
Javad Hassannataj Joloudari; Mojtaba Haderbadi; Amir Mashmool; Mohammad GhasemiGol; Shahab S.; Amir Mosavi

One of the most common and important destructive attacks on the victim system is the Advanced Persistent Threat (APT) attack. The APT attacker can achieve his hostile goals by obtaining information and gaining financial benefits regarding the infrastructure of a network. One of the solutions to detect a secret APT attack is using network traffic. Due to the nature of the APT attack in terms of being on

Updated: 2020-09-23
• arXiv.cs.CR Pub Date : 2020-09-21
Zhengxian He; Mohit Narayan Rajput; Mustaque Ahamad

New security and privacy concerns arise due to the growing popularity of voice assistant (VA) deployments in home and enterprise networks. A number of past research results have demonstrated how malicious actors can use hidden commands to get VAs to perform certain operations even when a person may be in their vicinity. However, such work has not explored how compromised computers that are close to

Updated: 2020-09-23
• arXiv.cs.CR Pub Date : 2020-09-21
Jose de Jesus Rugeles; Edward Paul Guillen; Leonardo S Cardoso

The increase of cyberattacks using IoT devices has exposed the vulnerabilities in the infrastructures that make up the IoT and has shown how small devices can affect the functioning of networks and services. This paper presents a review of the vulnerabilities of the wireless technologies that bear the IoT and assesses the experiences in implementing wireless attacks targeting the Internet of Things using

Updated: 2020-09-23
• arXiv.cs.CR Pub Date : 2020-09-21
Jamie O'Hare; Lynsay A. Shepherd

Despite significant popularity, the bug bounty process has remained broadly unchanged since its inception, with limited implementation of gamification aspects. Existing literature recognises that current methods generate intensive resource demands, and can encounter issues impacting program effectiveness. This paper proposes a novel bug bounty process aiming to alleviate resource demands and mitigate

Updated: 2020-09-23
• arXiv.cs.CR Pub Date : 2020-09-21
René Mayrhofer; Vishwath Mohan; Stephan Sigg

Mobile device authentication has been a highly active research topic for over 10 years, with a vast range of methods having been proposed and analyzed. In related areas such as secure channel protocols, remote authentication, or desktop user authentication, strong, systematic, and increasingly formal threat models have already been established and are used to qualitatively and quantitatively compare

Updated: 2020-09-23
• arXiv.cs.CR Pub Date : 2020-09-22
Joel Wanner; Laurent Chuat; Adrian Perrig

Byzantine fault tolerant protocols enable state replication in the presence of crashed, malfunctioning, or actively malicious processes. Designing such protocols without the assistance of verification tools, however, is remarkably error-prone. In an adversarial environment, performance and flexibility come at the cost of complexity, making the verification of existing protocols extremely difficult

Updated: 2020-09-23
• arXiv.cs.CR Pub Date : 2020-09-21
Joseph Sweeney; Marijn J. H. Heule; Lawrence Pileggi

Logic locking is a method to prevent intellectual property (IP) piracy. However, under a reasonable attack model, SAT-based methods have proven to be powerful in obtaining the secret key. In response, many locking techniques have been developed to specifically resist this form of attack. In this paper, we demonstrate two SAT modeling techniques that can provide many orders of magnitude speed up in

Updated: 2020-09-23
• arXiv.cs.CR Pub Date : 2020-09-22
Alexis Cooper; Xin Zhou; Scott Heidbrink; Daniel M. Dunlavy

Software flaw detection using multimodal deep learning models has been demonstrated as a very competitive approach on benchmark problems. In this work, we demonstrate that even better performance can be achieved using neural architecture search (NAS) combined with multimodal learning models. We adapt a NAS framework aimed at investigating image classification to the problem of software flaw detection

Updated: 2020-09-23
• arXiv.cs.CR Pub Date : 2020-09-22
Daniel Hurtado Ramírez; J. M. Auñón

Knowledge discovery is one of the main goals of Artificial Intelligence. This knowledge is usually stored in databases spread across different environments, making it a tedious (or impossible) task to access and extract data from them. To this difficulty we must add that these data sources may contain private data, so the information can never leave the source. Privacy Preserving Machine Learning (PPML)

Updated: 2020-09-23
• arXiv.cs.CR Pub Date : 2020-09-22
Kovila P. L. Coopamootoo

The steady reports of privacy invasions online paint a picture of the Internet growing into a more dangerous place. This is supported by reports of the potential scale of online harms facilitated by the mass deployment of online technology and the data-intensive web. While Internet users often express concern about privacy, some report taking actions to protect their privacy online. We investigate

Updated: 2020-09-23
• arXiv.cs.CR Pub Date : 2020-09-22
Yuri Gil Dantas, fortiss GmbH; Antoaneta Kondeva, fortiss GmbH; Vivek Nigam, fortiss GmbH

The development of safety-critical systems requires the control of hazards that can potentially cause harm. To this end, safety engineers rely during the development phase on architectural solutions, called safety patterns, such as safety monitors, voters, and watchdogs. The goal of these patterns is to control (identified) faults that can trigger hazards. Safety patterns can control such faults by

Updated: 2020-09-23
• arXiv.cs.CR Pub Date : 2020-09-21
Suat Mercan; Kemal Akkaya; Lisa Cain; John Thomas

The Internet of Things (IoT) has been on the rise in the last decade as it finds applications in various domains. Hospitality is one of the pioneer sectors that has adopted this technology to create novel services such as smart hotel rooms, personalized services etc. Hotels, restaurants, theme parks, and cruise ships are some specific application areas to improve customer satisfaction by creating an

Updated: 2020-09-23
• arXiv.cs.CR Pub Date : 2020-09-21
Gautam Raj Mode; Khaza Anuarul Hoque

In manufacturing, unexpected failures are considered a primary operational risk, as they can hinder productivity and can incur huge losses. State-of-the-art Prognostics and Health Management (PHM) systems incorporate Deep Learning (DL) algorithms and Internet of Things (IoT) devices to ascertain the health status of equipment, and thus reduce the downtime and maintenance cost and increase the productivity

Updated: 2020-09-23
• arXiv.cs.CR Pub Date : 2020-09-09
Scott Heidbrink; Kathryn N. Rodhouse; Daniel M. Dunlavy

We explore the use of multiple deep learning models for detecting flaws in software programs. Current, standard approaches for flaw detection rely on a single representation of a software program (e.g., source code or a program binary). We illustrate that, by using techniques from multimodal deep learning, we can simultaneously leverage multiple representations of software programs to improve flaw

Updated: 2020-09-23
• arXiv.cs.CR Pub Date : 2020-09-21
Wenjie Bai; Jeremiah Blocki; Ben Harsha

We introduce password strength information signaling as a novel, yet counter-intuitive, defense against password cracking attacks. Recent breaches have exposed billions of user passwords to the dangerous threat of offline password cracking attacks. An offline attacker can quickly check millions (or sometimes billions/trillions) of password guesses by comparing their hash value with the stolen hash

Updated: 2020-09-22
• arXiv.cs.CR Pub Date : 2020-09-21
Suthee Ruangwises; Toshiya Itoh

Ripple Effect is a logic puzzle with an objective to fill numbers into a rectangular grid divided into rooms. Each room must contain consecutive integers starting from 1 to its size. Also, if two cells in the same row or column have the same number $x$, the space separating the two cells must be at least $x$ cells. In this paper, we propose a physical protocol of zero-knowledge proof for Ripple Effect

Updated: 2020-09-22
• arXiv.cs.CR Pub Date : 2020-09-21
Xin Fang; Xiaoqing Sun; Jiahai Yang; Xinran Liu

DGA-based botnets, which use Domain Generation Algorithms (DGAs) to evade supervision, have become one of the most destructive threats to network security. Over the past decades, a wealth of defense mechanisms focusing on domain features have emerged to address the problem. Nonetheless, DGA detection remains a daunting and challenging task due to the big data nature of Internet traffic and the potential

Updated: 2020-09-22
• arXiv.cs.CR Pub Date : 2020-09-21
Renpeng Zou, School of Cyber Engineering, Xidian University, Xian, China; Xixiang Lv, School of Cyber Engineering, Xidian University, Xian, China; Jingsong Zhao, School of Cyber Engineering, Xidian University, Xian, China

The development of eHealth systems has brought great convenience to people's life. Researchers have been combining new technologies to make eHealth systems work better for patients. The Blockchain-based eHealth system becomes popular because of its unique distributed tamper-resistant and privacy-preserving features. However, due to the security issues of the blockchain system, there are many security

Updated: 2020-09-22
• arXiv.cs.CR Pub Date : 2020-09-21
Jean-François Determe; Sophia Azzagnuni; Utkarsh Singh; François Horlin; Philippe De Doncker

The main contribution of this paper consists in theoretical approximations of the collision rate of $n$ random identifiers uniformly distributed in $m (> n)$ buckets, along with bounds on the approximation errors. A secondary contribution is a decentralized anonymization system of media access control (MAC) addresses with a low collision rate. The main contribution supports the secondary one in that

Updated: 2020-09-22
• arXiv.cs.CR Pub Date : 2020-09-21
Run Wang; Felix Juefei-Xu; Qing Guo; Yihao Huang; Lei Ma; Yang Liu; Lina Wang

In recent years, DeepFake is becoming a common threat to our society, due to the remarkable progress of generative adversarial networks (GAN) in image synthesis. Unfortunately, existing studies that propose various approaches, in fighting against DeepFake, to determine if a facial image is real or fake, are still at an early stage. Obviously, the current DeepFake detection methods struggle to catch the

Updated: 2020-09-22
• arXiv.cs.CR Pub Date : 2020-09-21
Liehuang Zhu; Xiangyun Tang; Meng Shen; Jie Zhang; Xiaojiang Du

To develop Smart Cities, the growing popularity of Machine Learning (ML) that appreciates high-quality training datasets generated from diverse IoT devices raises natural questions about the privacy guarantees that can be provided in such settings. Privacy-preserving ML training in an aggregation scenario enables a model demander to securely train ML models with the sensitive IoT data gathered from personal

Updated: 2020-09-22
• arXiv.cs.CR Pub Date : 2020-09-21
Lijie Chen; Badih Ghazi; Ravi Kumar; Pasin Manurangsi

We study the setup where each of $n$ users holds an element from a discrete set, and the goal is to count the number of distinct elements across all users, under the constraint of $(\epsilon, \delta)$-differential privacy: - In the non-interactive local setting, we prove that the additive error of any protocol is $\Omega(n)$ for any constant $\epsilon$ and for any $\delta$ inverse polynomial in $n$

Updated: 2020-09-22
• arXiv.cs.CR Pub Date : 2020-09-21
Yongjune Kim; Cyril Guyot; Young-Sik Kim

The min-entropy is an important metric to quantify the randomness of generated random numbers in cryptographic applications; it measures the difficulty of guessing the most-likely output. One of the important min-entropy estimators is the compression estimator of NIST Special Publication (SP) 800-90B, which relies on Maurer's universal test. In this paper, we propose two kinds of min-entropy estimators

Updated: 2020-09-22
• arXiv.cs.CR Pub Date : 2020-09-20
Meisam Mohammady; Shangyu Xie; Yuan Hong; Mengyuan Zhang; Lingyu Wang; Makan Pourzandi; Mourad Debbabi

Differential privacy (DP) has emerged as a de facto standard privacy notion for a wide range of applications. Since the meaning of data utility in different applications may vastly differ, a key challenge is to find the optimal randomization mechanism, i.e., the distribution and its parameters, for a given utility metric. Existing works have identified the optimal distributions in some special cases

Updated: 2020-09-22
• arXiv.cs.CR Pub Date : 2020-09-20
Zhiyi Zhang; Su Yong Wong; Junxiao Shi; Davide Pesavento; Alexander Afanasyev; Lixia Zhang

Named Data Networking (NDN) secures network communications by requiring all data packets to be signed when produced. This requirement necessitates efficient and usable mechanisms to handle NDN certificate issuance and revocation, making these supporting mechanisms essential for NDN operations. In this paper, we first investigate and clarify core concepts related to NDN certificates and security design

Updated: 2020-09-22
• arXiv.cs.CR Pub Date : 2020-09-19
Chris J Mitchell

A serious weakness in the recently proposed Chen-Hsu-Harn group authentication and group key establishment scheme is described. A simple attack against the group key establishment part of the scheme is given, which casts doubt on the viability of the scheme.

Updated: 2020-09-22
• arXiv.cs.CR Pub Date : 2020-09-19
Jamil Ispahany; Rafiqul Islam

Throughout the COVID-19 outbreak, malicious attacks have become more pervasive and damaging than ever. Malicious intruders have been responsible for most cybercrimes committed recently and are the cause of a growing number of cyber threats, including identity and IP theft, financial crimes, and cyber-attacks on critical infrastructures. Machine learning (ML) has proven itself as a prominent field

Updated: 2020-09-22
• arXiv.cs.CR Pub Date : 2020-09-19
Richard Knight; Jason R. C. Nurse

A major cyber security incident can represent a cyber crisis for an organisation, in particular because of the associated risk of substantial reputational damage. As the likelihood of falling victim to a cyberattack has increased over time, so too has the need to understand exactly what is effective corporate communication after an attack, and how best to engage the concerns of customers, partners

Updated: 2020-09-22
• arXiv.cs.CR Pub Date : 2020-09-19

JavaScript is a popular attack vector for releasing malicious payloads on unsuspecting Internet users. Authors of this malicious JavaScript often employ numerous obfuscation techniques in order to prevent the automatic detection by antivirus and hinder manual analysis by professional malware analysts. Consequently, this paper presents SAFE-Deobs, a JavaScript deobfuscation tool that we have built.

Updated: 2020-09-22
• arXiv.cs.CR Pub Date : 2020-09-21
Maurice Weber; Nana Liu; Bo Li; Ce Zhang; Zhikuan Zhao

Quantum machine learning models have the potential to offer speedups and better predictive accuracy compared to their classical counterparts. However, these quantum algorithms, like their classical counterparts, have been shown to also be vulnerable to input perturbations, in particular for classification problems. These can arise either from noisy implementations or, as a worst-case type of noise

Updated: 2020-09-22
• arXiv.cs.CR Pub Date : 2020-09-18
Gururaj Saileshwar; Moinuddin Qureshi

Shared caches in modern processors are vulnerable to conflict-based attacks, whereby an attacker monitors the access pattern of a victim by engineering cache-set conflicts. Recent mitigations propose a randomized mapping of addresses to cache locations to obfuscate addresses that can conflict with a target address. Unfortunately, such designs continue to select eviction candidates from a small subset

Updated: 2020-09-22
• arXiv.cs.CR Pub Date : 2020-09-21
Swaroop Ramaswamy; Om Thakkar; Rajiv Mathews; Galen Andrew; H. Brendan McMahan; Françoise Beaufays

This paper presents the first consumer-scale next-word prediction (NWP) model trained with Federated Learning (FL) while leveraging the Differentially Private Federated Averaging (DP-FedAvg) technique. There has been prior work on building practical FL infrastructure, including work demonstrating the feasibility of training language models on mobile devices using such infrastructure. It has also been

Updated: 2020-09-22
• arXiv.cs.CR Pub Date : 2020-09-01
Yunzhe Xue; Meiyan Xie; Usman Roshan

Substitute model black box attacks can create adversarial examples for a target model just by accessing its output labels. This poses a major challenge to machine learning models in practice, particularly in security sensitive applications. The 01 loss model is known to be more robust to outliers and noise than convex models that are typically used in practice. Motivated by these properties we present

Updated: 2020-09-22
• arXiv.cs.CR Pub Date : 2020-09-04
Ji Liu, School of Electrical & Information Engineering, University of Sydney, Australia; Hang Zhao, School of Electrical & Information Engineering, University of Sydney, Australia; Jiyuan Yang, School of Electrical & Information Engineering, University of Sydney, Australia; Yu Shi, School of Electrical & Information Engineering, University of Sydney, Australia; Ruichang Liu, School of Electrical & Information

Given the large number of online services on the Internet, people still struggle from time to time to find the services that they need. On the other hand, while there is considerable research and development on service discovery and service recommendation, most of the related work is centralized and thus suffers the inherent shortcomings of centralized systems, e.g., being ad-driven, lack of trust

Updated: 2020-09-22
• arXiv.cs.CR Pub Date : 2020-09-21
Johannes Kunz; Julian Renner; Georg Maringer; Thomas Schamberger; Antonia Wachter-Zeh

This work compares the performance of software implementations of different Gabidulin decoders. The parameter sets used within the comparison stem from their applications in recently proposed cryptographic schemes. The complexity analysis of the decoders is recalled, counting the occurrence of each operation within the respective decoders. It is shown that knowing the number of operations may be misleading

Updated: 2020-09-22
• arXiv.cs.CR Pub Date : 2020-09-21
Yu Li; Min Li; Bo Luo; Ye Tian; Qiang Xu

Deep neural networks (DNNs) have become one of the enabling technologies in many safety-critical applications, e.g., autonomous driving and medical image analysis. DNN systems, however, suffer from various kinds of threats, such as adversarial example attacks and fault injection attacks. While there are many defense methods proposed against maliciously crafted inputs, solutions against faults presented

Updated: 2020-09-22
• arXiv.cs.CR Pub Date : 2020-09-21
Xiaoyong Yuan; Lei Ding; Lan Zhang; Xiaolin Li; Dapeng Wu

Deep neural networks (DNNs) have become the essential components for various commercialized machine learning services, such as Machine Learning as a Service (MLaaS). Recent studies show that machine learning services face severe privacy threats - well-trained DNNs owned by MLaaS providers can be stolen through public APIs, namely model stealing attacks. However, most existing works undervalued the

Updated: 2020-09-22
Contents have been reproduced by permission of the publishers.