2,992 research outputs found
StoryDroid: Automated Generation of Storyboard for Android Apps
Mobile apps are now ubiquitous. Before developing a new app, the development
team usually endeavors painstaking efforts to review many existing apps with
similar purposes. The review process is crucial in the sense that it reduces
market risks and provides inspiration for app development. However, manual
exploration of hundreds of existing apps by different roles (e.g., product
manager, UI/UX designer, developer) in a development team can be ineffective.
For example, it is difficult to completely explore all the functionalities of
the app in a short period of time. Inspired by the conception of storyboard in
movie production, we propose a system, StoryDroid, to automatically generate
the storyboard for Android apps, and assist different roles to review apps
efficiently. Specifically, StoryDroid extracts the activity transition graph
and leverages static analysis techniques to render UI pages to visualize the
storyboard with the rendered pages. The mapping relations between UI pages and
the corresponding implementation code (e.g., layout code, activity code, and
method hierarchy) are also provided to users. Our comprehensive experiments
unveil that StoryDroid is effective and indeed useful to assist app
development. The outputs of StoryDroid enable several potential applications,
such as the recommendation of UI design and layout code
Constructing elastic distinguishability metrics for location privacy
With the increasing popularity of hand-held devices, location-based
applications and services have access to accurate and real-time location
information, raising serious privacy concerns for their users. The recently
introduced notion of geo-indistinguishability tries to address this problem by
adapting the well-known concept of differential privacy to the area of
location-based systems. Although geo-indistinguishability presents various
appealing aspects, it has the problem of treating space in a uniform way,
imposing the addition of the same amount of noise everywhere on the map. In
this paper we propose a novel elastic distinguishability metric that warps the
geometrical distance, capturing the different degrees of density of each area.
As a consequence, the obtained mechanism adapts the level of noise while
achieving the same degree of privacy everywhere. We also show how such an
elastic metric can easily incorporate the concept of a "geographic fence" that
is commonly employed to protect the highly recurrent locations of a user, such
as his home or work. We perform an extensive evaluation of our technique by
building an elastic metric for Paris' wide metropolitan area, using semantic
information from the OpenStreetMap database. We compare the resulting mechanism
against the Planar Laplace mechanism satisfying standard
geo-indistinguishability, using two real-world datasets from the Gowalla and
Brightkite location-based social networks. The results show that the elastic
mechanism adapts well to the semantics of each area, adjusting the noise as we
move outside the city center, hence offering better overall privacy
Physics with a Millimole of Muons
The eventual prospect of muon colliders reaching several TeV encourages us to
consider the experimental opportunities presented by very copious stores of
muons, approaching per year. I summarize and comment upon some
highlights of the Fermilab Workshop on Physics at the First Muon Collider and
at the Front End of a Muon Collider. Topics include various varieties of
colliders, colliders, and applications of the intense neutrino
beams that can be generated in muon storage rings.Comment: 16 pages, uses aipproc. Summary talk at the Fermilab Workshop on
Physics at the First Muon Collider and at the Front End of a Muon Collider,
November 199
Recommended from our members
Identification and Mitigation of Information Leakage Caused by Side Channel Vulnerabilities in Network Stack
Keeping users sensitive information secure and private in todays network is challenging. Networks are large, complicated distributed systems and are subject to a wide variety of attacks, such as eavesdropping, identity spoofing, hijacking, etc. What is worse, encrypting data is often not enough in light of advanced threats such as side channel attacks, which enable malicious attackers to infer sensitive data from insignificant network information unexpectedly. For this purpose, we pro- pose series of techniques to prevent such information leakage at different layers in network stacks, and raise awareness of its severity. More specifically, 1) we propose a practical physical (PHY) layer security framework FOG, for effective packet header obfuscation using MIMO, to keep eavesdroppers from receiving any meaningful packet information; 2) we identify and fix a subtle yet serious pure off-path side channel vulnerability (CVE-2016-5696) introduced in both TCP specification and its implementation in Linux kernel, which prevents malicious attackers from exploiting it to indicate arbitrary connections state, reset the connection or even further hijack the connection; 3) we propose a principled TCP side channel vulnerability discovery solution based on model checking and program analysis, and automatically identify 12 new side channel vulnerabilities (and 3 old ones) from TCP implementation in Linux and FreeBSD kernel code. The ultimate goal is to help guide the future design and implementation of network stacks.Keeping users’ sensitive information secure and private in today’s network is challenging. Network nowadays are subject to a wide variety of attacks, such as eavesdropping, identity spoofing, denial of service, etc. What is worse, encrypting sensitive data is often not enough in light of advanced threats such as side channel attacks, which enable malicious attackers to infer sensitive data from “insignificant” network information unexpectedly. For this purpose, we propose series of techniques to prevent such information leakage at different layers in network stack, and raise awareness of its severity. In our first work, we propose a practical physical (PHY) layer security framework FOG, for effective packet header obfuscation using MIMO, to prevent eavesdroppers from receiving any packet headers to profile users. Secondly, we identify and fix a subtle yet serious pure off-path side channel vulnerability (CVE-2016-5696) introduced in both TCP specification and its implementation in Linux kernel. This vulnerability allows malicious attackers to indicate arbitrary TCP connection’s state, reset the connection or even further hijack the connection. Motivated by the fact that most previous TCP side channel vulnerabilities are manually identified, in our last work, we propose a principled TCP side channel vulnerability discovery solution based on model checking and program analysis. It automatically identifies 12 new side channel vulnerabilities (and 3 old ones) from TCP implementation in Linux and FreeBSD kernel code. The ultimate goal of my research is to help guide the future design and implementation of network stacks
PREFENDER: A Prefetching Defender against Cache Side Channel Attacks as A Pretender
Cache side channel attacks are increasingly alarming in modern processors due
to the recent emergence of Spectre and Meltdown attacks. A typical attack
performs intentional cache access and manipulates cache states to leak secrets
by observing the victim's cache access patterns. Different countermeasures have
been proposed to defend against both general and transient execution based
attacks. Despite their effectiveness, they mostly trade some level of
performance for security, or have restricted security scope. In this paper, we
seek an approach to enforcing security while maintaining performance. We
leverage the insight that attackers need to access cache in order to manipulate
and observe cache state changes for information leakage. Specifically, we
propose Prefender, a secure prefetcher that learns and predicts attack-related
accesses for prefetching the cachelines to simultaneously help security and
performance. Our results show that Prefender is effective against several cache
side channel attacks while maintaining or even improving performance for SPEC
CPU 2006 and 2017 benchmarks.Comment: Submitting to a journa
- …