Sensitive and Scalable Online Evaluation with Theoretical Guarantees

Multileaved comparison methods generalize interleaved comparison methods to provide a scalable approach for comparing ranking systems based on regular user interactions. Such methods enable the increasingly rapid research and development of search engines. However, existing multileaved comparison methods that provide reliable outcomes do so by degrading the user experience during evaluation. Conversely, current multileaved comparison methods that maintain the user experience cannot guarantee correctness. Our contribution is two-fold. First, we propose a theoretical framework for systematically comparing multileaved comparison methods using the notions of considerateness, which concerns maintaining the user experience, and fidelity, which concerns reliable correct outcomes. Second, we introduce a novel multileaved comparison method, Pairwise Preference Multileaving (PPM), that performs comparisons based on document-pair preferences, and prove that it is considerate and has fidelity. We show empirically that, compared to previous multileaved comparison methods, PPM is more sensitive to user preferences and scalable with the number of rankers being compared.Comment: CIKM 2017, Proceedings of the 2017 ACM on Conference on Information and Knowledge Managemen

The security of NTP's datagram protocol

For decades, the Network Time Protocol (NTP) has been used to synchronize computer clocks over untrusted network paths. This work takes a new look at the security of NTP’s datagram protocol. We argue that NTP’s datagram protocol in RFC5905 is both underspecified and flawed. The NTP specifications do not sufficiently respect (1) the conflicting security requirements of different NTP modes, and (2) the mechanism NTP uses to prevent off-path attacks. A further problem is that (3) NTP’s control-query interface reveals sensitive information that can be exploited in off-path attacks. We exploit these problems in several attacks that remote attackers can use to maliciously alter a target’s time. We use network scans to find millions of IPs that are vulnerable to our attacks. Finally, we move beyond identifying attacks by developing a cryptographic model and using it to prove the security of a new backwards-compatible client/server protocol for NTP.https://eprint.iacr.org/2016/1006.pdfhttps://eprint.iacr.org/2016/1006.pdfPublished versio

List and Unique Error-Erasure Decoding of Interleaved Gabidulin Codes with Interpolation Techniques

A new interpolation-based decoding principle for interleaved Gabidulin codes is presented. The approach consists of two steps: First, a multi-variate linearized polynomial is constructed which interpolates the coefficients of the received word and second, the roots of this polynomial have to be found. Due to the specific structure of the interpolation polynomial, both steps (interpolation and root-finding) can be accomplished by solving a linear system of equations. This decoding principle can be applied as a list decoding algorithm (where the list size is not necessarily bounded polynomially) as well as an efficient probabilistic unique decoding algorithm. For the unique decoder, we show a connection to known unique decoding approaches and give an upper bound on the failure probability. Finally, we generalize our approach to incorporate not only errors, but also row and column erasures.Comment: accepted for Designs, Codes and Cryptography; presented in part at WCC 2013, Bergen, Norwa

Hybrid analog-digital transmit beamforming for spectrum sharing backhaul networks

© 2018 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes,creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.This paper deals with the problem of analog-digital transmit beamforming under spectrum sharing constraints for backhaul systems. In contrast to fully digital designs, where the spatial processing is done at baseband unit with all the flexible computational resources of digital processors, analog-digital beamforming schemes require that certain processing is done through analog components, such as phase-shifters or switches. These analog components do not have the same processing flexibility as the digital processor, but on the other hand, they can substantially reduce the cost and complexity of the beamforming solution. This paper presents the joint optimization of the analog and digital parts, which results in a nonconvex, NP-hard, and coupled problem. In order to solve it, an alternating optimization with a penalized convex-concave method is proposed. According to the simulation results, this novel iterative procedure is able to find a solution that behaves close to the fully digital beamforming upper bound scheme.Peer ReviewedPostprint (author's final draft

Cross-Layer Design to Maintain Earthquake Sensor Network Connectivity After Loss of Infrastructure

We present the design of a cross-layer protocol to maintain connectivity in an earthquake monitoring and early warning sensor network in the absence of communications infrastructure. Such systems, by design, warn of events that severely damage or destroy communications infrastructure. However, the data they provide is of critical importance to emergency and rescue decision making in the immediate aftermath of such events, as is continued early warning of aftershocks, tsunamis, or other subsequent dangers. Utilizing a beyond line-of-sight (BLOS) HF physical layer, we propose an adaptable cross-layer network design that meets these specialized requirements. We are able to provide ultra high connectivity (UHC) early warning on strict time deadlines under worst-case channel conditions along with providing sufficient capacity for continued seismic data collection from a 1000 sensor network.Comment: To be published in MILCOM 2012 - Track 2: Networking Protocols and Performanc

Continuously non-malleable codes with split-state refresh

Non-malleable codes for the split-state model allow to encode a message into two parts, such that arbitrary independent tampering on each part, and subsequent decoding of the corresponding modified codeword, yields either the same as the original message, or a completely unrelated value. Continuously non-malleable codes further allow to tolerate an unbounded (polynomial) number of tampering attempts, until a decoding error happens. The drawback is that, after an error happens, the system must self-destruct and stop working, otherwise generic attacks become possible. In this paper we propose a solution to this limitation, by leveraging a split-state refreshing procedure. Namely, whenever a decoding error happens, the two parts of an encoding can be locally refreshed (i.e., without any interaction), which allows to avoid the self-destruct mechanism. An additional feature of our security model is that it captures directly security against continual leakage attacks. We give an abstract framework for building such codes in the common reference string model, and provide a concrete instantiation based on the external Diffie-Hellman assumption. Finally, we explore applications in which our notion turns out to be essential. The first application is a signature scheme tolerating an arbitrary polynomial number of split-state tampering attempts, without requiring a self-destruct capability, and in a model where refreshing of the memory happens only after an invalid output is produced. This circumvents an impossibility result from a recent work by Fuijisaki and Xagawa (Asiacrypt 2016). The second application is a compiler for tamper-resilient RAM programs. In comparison to other tamper-resilient compilers, ours has several advantages, among which the fact that, for the first time, it does not rely on the self-destruct feature