2,008 research outputs found
Centralized vs Decentralized Multi-Agent Guesswork
We study a notion of guesswork, where multiple agents intend to launch a
coordinated brute-force attack to find a single binary secret string, and each
agent has access to side information generated through either a BEC or a BSC.
The average number of trials required to find the secret string grows
exponentially with the length of the string, and the rate of the growth is
called the guesswork exponent. We compute the guesswork exponent for several
multi-agent attacks. We show that a multi-agent attack reduces the guesswork
exponent compared to a single agent, even when the agents do not exchange
information to coordinate their attack, and try to individually guess the
secret string using a predetermined scheme in a decentralized fashion. Further,
we show that the guesswork exponent of two agents who do coordinate their
attack is strictly smaller than that of any finite number of agents
individually performing decentralized guesswork.Comment: Accepted at IEEE International Symposium on Information Theory (ISIT)
201
Why Botnets Work: Distributed Brute-Force Attacks Need No Synchronization
In September 2017, McAffee Labs quarterly report estimated that brute force
attacks represent 20\% of total network attacks, making them the most prevalent
type of attack ex-aequo with browser based vulnerabilities. These attacks have
sometimes catastrophic consequences, and understanding their fundamental limits
may play an important role in the risk assessment of password-secured systems,
and in the design of better security protocols. While some solutions exist to
prevent online brute-force attacks that arise from one single IP address,
attacks performed by botnets are more challenging. In this paper, we analyze
these distributed attacks by using a simplified model. Our aim is to understand
the impact of distribution and asynchronization on the overall computational
effort necessary to breach a system. Our result is based on Guesswork, a
measure of the number of queries (guesses) required of an adversary before a
correct sequence, such as a password, is found in an optimal attack. Guesswork
is a direct surrogate for time and computational effort of guessing a sequence
from a set of sequences with associated likelihoods. We model the lack of
synchronization by a worst-case optimization in which the queries made by
multiple adversarial agents are received in the worst possible order for the
adversary, resulting in a min-max formulation. We show that, even without
synchronization, and for sequences of growing length, the asymptotic optimal
performance is achievable by using randomized guesses drawn from an appropriate
distribution. Therefore, randomization is key for distributed asynchronous
attacks. In other words, asynchronous guessers can asymptotically perform
brute-force attacks as efficiently as synchronized guessers.Comment: Accepted to IEEE Transactions on Information Forensics and Securit
Let's Sketch in 360Âş: spherical perspectives for virtual reality panoramas
Conferência realizada em Stockholm, Sweden de 25–29 julho de 2018In this workshop we will learn how to draw a 360-degree view of our environment using spherical perspective,
and how to visualize these drawings as immersive panoramas by uploading them to virtual reality platforms that
provide an interactive visualization of a 3D reconstruction of the original scene. We shall show how to construct
these drawing in a simple way, using ruler and compass constructions, facilitated by adequate gridding that takes advantage of the symmetry groups of these spherical perspectives. We will consider two spherical perspectives: equirectangular and azimuthal equidistant, with a focus on the former due to its seamless integration with visualization software readily available on social networks. We will stress the relationship between these panoramas and the notion of spherical anamorphosis.info:eu-repo/semantics/publishedVersio
Conceptually driven and visually rich tasks in texts and teaching practice: the case of infinite series
The study we report here examines parts of what Chevallard calls the institutional dimension of the students’ learning experience of a relatively under-researched, yet crucial, concept in Analysis, the concept of infinite series. In particular, we examine how the concept is introduced to students in texts and in teaching practice. To this purpose, we employ Duval's Theory of Registers of Semiotic Representation towards the analysis of 22 texts used in Canada and UK post-compulsory courses. We also draw on interviews with in-service teachers and university lecturers in order to discuss briefly teaching practice and some of their teaching suggestions. Our analysis of the texts highlights that the presentation of the concept is largely a-historical, with few graphical representations, few opportunities to work across different registers (algebraic, graphical, verbal), few applications or intra-mathematical references to the concept's significance and few conceptually driven tasks that go beyond practising with the application of convergence tests and prepare students for the complex topics in which the concept of series is implicated. Our preliminary analysis of the teacher interviews suggests that pedagogical practice often reflects the tendencies in the texts. Furthermore, the interviews with the university lecturers point at the pedagogical potential of: illustrative examples and evocative visual representations in teaching; and, student engagement with systematic guesswork and writing explanatory accounts of their choices and applications of convergence tests
Integration of the Friedmann equation for universes of arbitrary complexity
An explicit and complete set of constants of the motion are constructed
algorithmically for Friedmann-Lema\^{i}tre-Robertson-Walker (FLRW) models
consisting of an arbitrary number of non-interacting species. The inheritance
of constants of the motion from simpler models as more species are added is
stressed. It is then argued that all FLRW models admit what amounts to a unique
candidate for a gravitational epoch function (a dimensionless scalar invariant
derivable from the Riemann tensor without differentiation which is monotone
throughout the evolution of the universe). The same relations that lead to the
construction of constants of the motion allow an explicit evaluation of this
function. In the simplest of all models, the CDM model, it is shown
that the epoch function exists for all models with , but for
almost no models with .Comment: Final form to appear in Physical Review D1
Why Botnets Work: Distributed Brute-Force Attacks Need No Synchronization
In September 2017, McAffee Labs quarterly report estimated that brute force
attacks represent 20% of total network attacks, making them the most prevalent
type of attack ex-aequo with browser based vulnerabilities. These attacks have
sometimes catastrophic consequences, and understanding their fundamental limits
may play an important role in the risk assessment of password-secured systems,
and in the design of better security protocols. While some solutions exist to
prevent online brute-force attacks that arise from one single IP address,
attacks performed by botnets are more challenging. In this paper, we analyze
these distributed attacks by using a simplified model. Our aim is to understand
the impact of distribution and asynchronization on the overall computational
effort necessary to breach a system. Our result is based on Guesswork, a
measure of the number of password queries (guesses) before the correct one is
found in an optimal attack, which is a direct surrogate for the time and the
computational effort. We model the lack of synchronization by a worst-case
optimization in which the queries are received in the worst possible order,
resulting in a min-max formulation. We show that even without synchronization
and for sequences of growing length, the asymptotic optimal performance is
achievable by using randomized guesses drawn from an appropriate distribution.
Therefore, randomization is key for distributed asynchronous attacks. In other
words, asynchronous guessers can asymptotically perform brute-force attacks as
efficiently as synchronized guessers.Comment: 13 pages, 4 figure
- …