ret2spec: Speculative Execution Using Return Stack Buffers

Speculative execution is an optimization technique that has been part of CPUs for over a decade. It predicts the outcome and target of branch instructions to avoid stalling the execution pipeline. However, until recently, the security implications of speculative code execution have not been studied. In this paper, we investigate a special type of branch predictor that is responsible for predicting return addresses. To the best of our knowledge, we are the first to study return address predictors and their consequences for the security of modern software. In our work, we show how return stack buffers (RSBs), the core unit of return address predictors, can be used to trigger misspeculations. Based on this knowledge, we propose two new attack variants using RSBs that give attackers similar capabilities as the documented Spectre attacks. We show how local attackers can gain arbitrary speculative code execution across processes, e.g., to leak passwords another user enters on a shared system. Our evaluation showed that the recent Spectre countermeasures deployed in operating systems can also cover such RSB-based cross-process attacks. Yet we then demonstrate that attackers can trigger misspeculation in JIT environments in order to leak arbitrary memory content of browser processes. Reading outside the sandboxed memory region with JIT-compiled code is still possible with 80\% accuracy on average.Comment: Updating to the cam-ready version and adding reference to the original pape

Dagstuhl Reports : Volume 1, Issue 2, February 2011

Online Privacy: Towards Informational Self-Determination on the Internet (Dagstuhl Perspectives Workshop 11061) : Simone Fischer-Hübner, Chris Hoofnagle, Kai Rannenberg, Michael Waidner, Ioannis Krontiris and Michael Marhöfer Self-Repairing Programs (Dagstuhl Seminar 11062) : Mauro Pezzé, Martin C. Rinard, Westley Weimer and Andreas Zeller Theory and Applications of Graph Searching Problems (Dagstuhl Seminar 11071) : Fedor V. Fomin, Pierre Fraigniaud, Stephan Kreutzer and Dimitrios M. Thilikos Combinatorial and Algorithmic Aspects of Sequence Processing (Dagstuhl Seminar 11081) : Maxime Crochemore, Lila Kari, Mehryar Mohri and Dirk Nowotka Packing and Scheduling Algorithms for Information and Communication Services (Dagstuhl Seminar 11091) Klaus Jansen, Claire Mathieu, Hadas Shachnai and Neal E. Youn

Application of Difference Schemes to Decision the Pursuit Problem

The problem of the pursuit curve construction in the case when the tangent to pursuer’s motion trajectory passes at any time through the point representing the pursued is considered. A new approach to construct the pursuit curves using difference schemes is proposed. The proposed technique eliminates the need to derive the differential equations for the description of the pursuit curves, which is quite difficult task in the general case. In addition, the application of difference methods is justified in a situation where it is complicated to find the analytical solution of an existing differential equation and it is possible to obtain the pursuit curve only numerically. Various modifications of difference schemes respectively equivalent to the Euler, to the Adams – Bashforth and to the Milne methods are constructed. Their software implementation is realized by using the mathematical package Mathcad. We consider the case of a uniform rectilinear motion of the pursued whose differential equation describing the path of the pursuer and its analytical solution are known. We compare the numerical solutions obtained by the different methods with the well-known analytical solution. The error of the obtained numerical solutions is examined. Moreover, an application is considered illustrating the construction of the difference schemes for the case of an arbitrary trajectory of the pursued. Also, we extend the proposed method to the case of cyclic pursuit with several participants in the three-dimensional space. In particular, we construct a difference scheme equivalent to the Euler method for a three-dimensional analogue of the "bugs problem". The results obtained are demonstrated by means of animated examples for either two-dimensional or three-dimensional cases

Biology of <em>Trypanosoma cruzi</em>

Trypanosoma cruzi, an important zoonotic protozoan that causes Chagas disease, affects at least 8 million people in Latin America. Chagas disease is an important life-long infection in humans that can be divided into distinct clinical stages: the acute phase, where patient symptoms can vary from asymptomatic to severe; the indeterminate form, which is usually asymptomatic; and the chronic phase, where cardiomyopathy and/or digestive megasyndromes appear. In addition to its medical importance, T. cruzi is an interesting biological model for studying processes such as: (1) cell differentiation, where a non-infective stage transforms into an infective one; (2) cell invasion, where the infective stages are able to penetrate into a mammalian host cell, where they multiply several times and thus amplify the infection; and (3) evasion from the immune system, using several mechanisms. This book, with 13 chapters, has been organized in four major sections: 1. "Basic Biology," 2. "Biochemistry and Molecular Biology," 3. "Parasite"Host Cell Interaction," and 4 "Chemotherapy." The chapters include basic biological information on the protozoan lifecycle, including new information on parasite genomics and proteomics. In addition, they analyze the interaction with host cells as well the immune response and evasion, ending with information on experimental chemotherapy against Chagas disease

Art and Engineering Inspired by Swarm Robotics

Swarm robotics has the potential to combine the power of the hive with the sensibility of the individual to solve non-traditional problems in mechanical, industrial, and architectural engineering and to develop exquisite art beyond the ken of most contemporary painters, sculptors, and architects. The goal of this thesis is to apply swarm robotics to the sublime and the quotidian to achieve this synergy between art and engineering. The potential applications of collective behaviors, manipulation, and self-assembly are quite extensive. We will concentrate our research on three topics: fractals, stability analysis, and building an enhanced multi-robot simulator. Self-assembly of swarm robots into fractal shapes can be used both for artistic purposes (fractal sculptures) and in engineering applications (fractal antennas). Stability analysis studies whether distributed swarm algorithms are stable and robust either to sensing or to numerical errors, and tries to provide solutions to avoid unstable robot configurations. Our enhanced multi-robot simulator supports this research by providing real-time simulations with customized parameters, and can become as well a platform for educating a new generation of artists and engineers. The goal of this thesis is to use techniques inspired by swarm robotics to develop a computational framework accessible to and suitable for both artists and engineers. The scope we have in mind for art and engineering is unlimited. Modern museums, stadium roofs, dams, solar power plants, radio telescopes, star networks, fractal sculptures, fractal antennas, fractal floral arrangements, smooth metallic railroad tracks, temporary utilitarian enclosures, permanent modern architectural designs, guard structures, op art, and communication networks can all be built from the bodies of the swarm

INTRUSION DETECTION SYSTEM

An Intrusion detection system is generally considered to be any system designed to detect attempts compromise the integrity, confidentiality or availability of the protected network and associated computer systems. Intrusion Detection System (IDS) aims to detect attempted compromises by monitoring network traffic for indications that an attempted compromise is in progress, or an internal system is behaving in a manner which indicates it may already be compromised. A host based IDS (HIDS) monitors a single system for signs of compromise. The vast majority of worms and other successful cyber attacks are made possible by vulnerabilities in a small number of common operating system services. Attackers are opportunistic. They take the easiest and most convenient route and exploit the best-known flaws with the most effective and widely available attack tools. They count on organizations not fixing the problems, and they often attack indiscriminately, scanning the Internet for any vulnerable systems. The easy and destructive spread of worms, such as Blaster, Slammer, and Code Red, can be traced directly to exploitation of unpatched vulnerabilities

Cyklisk jakt och flykt i planet

Let n bugs constitute the corners of an n-sided polygon. If the bugs cyclically pursue each other, the positions of the bugs will satisfy a system of ordinary differential equations, which we study. We examine the system for different n, but focus on the case n=3. When n=3, the bugs form a triangle. In this case, the solution will converge to some point. We study how the convergence occur. Ignoring translation, rotation and scaling, the triangle converges to a line. Further, we also consider when the three bugs escape from each other. If we again ignore rotation, translation and scaling, the triangle converges to an equilateral triangle. Finally, most theory in this thesis is already known, but we present a new proof for the convergence when three bugs pursuit each other.Vi har n=3 insekter: S1, S2 och S3 placerade i ett plan. Insekterna kommer då, oavsett hur de placeras i planet, kunna ses som hörnen i en triangel. Vi låter sedan insekterna jaga varandra cykliskt. Hur ser vägen ut som insekterna tar? Redan 1877 formulerade Edouard Lucas denna fråga och sedan dess har problemet studerats och även kompletterats med nya frågor av flera forskare. Till exempel kan man fråga sig om alla insekter kommer att kollidera samtidigt eller inte. Dessutom kan antalet insekter ökas. I den här uppsatsen kommer vi framförallt att fokusera på när insekterna bildar en (ickedegenererad) triangel. I det fallet kommer alla insekterna att krocka samtidigt, även om en insekt är långt ifrån de två andra, så att triangeln som bildas är oliksidig. Om antalet insekter är större är det inte säkert att alla krockar samtidigt. Låt nu antalet insekter vara tre. Insekterna kommer alltså att krocka samtidigt, men hur rör de sig i förhållande till varandra fram tills kollisionen? Det kan visas att om insekternas startpositioner inte bildar en liksidig triangel, så kommer insekternas positioner gå mot att ligga på en linje. För ett större antal insekter verkar det som att så länge n<7 går insekterna mot att ligga på en linje, vilket överensstämmer med fallet ovan med tre insekter. Däremot om n är större än eller lika med 7 tycks insekterna konvergera mot en regelbunden polygon innan kollisionen sker. Som nämndes tidigare, är det inte säkert att alla insekter krockar samtidigt om antalet insekter är fler än tre. Om vi har fyra insekter kommer inte alla att krocka samtidigt om insekternas startpositioner bildar en konkav fyrhörning. Däremot kommer de kollidera samtidigt om fyrhörningen som insekterna utgör är konvex. Om antalet insekter är fler än fyra, är det vanligaste att alla insekter krockar samtidigt. Vidare, kan insekterna istället fly från varandra. Även här fokuserar vi på n=3. I det fallet kommer triangeln som insekterna bildar att expandera obegränsat men vinklarna kommer konvergera mot pi/3. Triangeln går alltså mot att bli liksidig