Detecting (Absent) App-to-app authentication on cross-device short-distance channels

Short-distance or near-field communication is increasingly used by mobile apps for interacting or exchanging data in a cross-device fashion. In this paper, we identify a security issue, namely cross-device app-to-app communication hijacking (or CATCH), that affect Android apps using short-distance channels (e.g., Bluetooth and Wi-Fi-Direct). This issue causes unauthenticated or malicious app-to-app interactions even when the underlying communication channels are authenticated and secured. In addition to discovering the security issue, we design an algorithm based on data-flow analysis for detecting the presence of CATCH in Android apps. Our algorithm checks if a given app contains an app-to-app authentication scheme, necessary for preventing CATCH. We perform experiments on a set of Android apps and show the CATCH problem is always present on the whole analyzed applications set. We also discuss the impact of the problem in real scenarios by presenting two real case studies. At the end of the paper we reported limitations of our model along with future improvements

Computational approaches to shed light on molecular mechanisms in biological processes

Computational approaches based on Molecular Dynamics simulations, Quantum Mechanical methods and 3D Quantitative Structure-Activity Relationships were employed by computational chemistry groups at the University of Milano-Bicocca to study biological processes at the molecular level. The paper reports the methodologies adopted and the results obtained on Aryl hydrocarbon Receptor and homologous PAS proteins mechanisms, the properties of prion protein peptides, the reaction pathway of hydrogenase and peroxidase enzymes and the defibrillogenic activity of tetracyclines. © Springer-Verlag 2007

A Novel Hierarchy of Integrable Lattices

In the framework of the reduction technique for Poisson-Nijenhuis structures, we derive a new hierarchy of integrable lattice, whose continuum limit is the AKNS hierarchy. In contrast with other differential-difference versions of the AKNS system, our hierarchy is endowed with a canonical Poisson structure and, moreover, it admits a vector generalisation. We also solve the associated spectral problem and explicity contruct action-angle variables through the r-matrix approach.Comment: Latex fil

Information Gathering in Ad-Hoc Radio Networks with Tree Topology

We study the problem of information gathering in ad-hoc radio networks without collision detection, focussing on the case when the network forms a tree, with edges directed towards the root. Initially, each node has a piece of information that we refer to as a rumor. Our goal is to design protocols that deliver all rumors to the root of the tree as quickly as possible. The protocol must complete this task within its allotted time even though the actual tree topology is unknown when the computation starts. In the deterministic case, assuming that the nodes are labeled with small integers, we give an O(n)-time protocol that uses unbounded messages, and an O(n log n)-time protocol using bounded messages, where any message can include only one rumor. We also consider fire-and-forward protocols, in which a node can only transmit its own rumor or the rumor received in the previous step. We give a deterministic fire-and- forward protocol with running time O(n^1.5), and we show that it is asymptotically optimal. We then study randomized algorithms where the nodes are not labelled. In this model, we give an O(n log n)-time protocol and we prove that this bound is asymptotically optimal

Surgically Returning to Randomized lib(c)

To strengthen systems against code injection attacks, the write or execute only policy (W + X) and address space layout randomization (ASLR) are typically used in combination. The former separates data and code, while the latter randomizes the layout of a process. In this paper we present a new attack to bypass W + X and ASLR. The state-of-the-art attack against this combination of protections is based on brute-force, while ours is based on the leakage of sensitive information about the memory layout of the process. Using our attack an attacker can exploit the majority of programs vulnerable to stack-based buffer overflows surgically, i.e., in a single attempt. We have estimated that our attack is feasible on 95.6% and 61.8% executables (of medium size) for Intel x86 and x86-64 architectures, respectively. We also analyze the effectiveness of other existing protections at preventing our attack. We conclude that position independent executables (PIE) are essential to complement ASLR and to prevent our attack. However, PIE requires recompilation, it is often not adopted even when supported, and it is not available on all ASLR-capable operating systems. To overcome these limitations, we propose a new protection that is as effective as PIE, does not require recompilation, and introduces only a minimal overhead

Threshold criterion for wetting at the triple point

Grand canonical simulations are used to calculate adsorption isotherms of various classical gases on alkali metal and Mg surfaces. Ab initio adsorption potentials and Lennard-Jones gas-gas interactions are used. Depending on the system, the resulting behavior can be nonwetting for all temperatures studied, complete wetting, or (in the intermediate case) exhibit a wetting transition. An unusual variety of wetting transitions at the triple point is found in the case of a specific adsorption potential of intermediate strength. The general threshold for wetting near the triple point is found to be close to that predicted with a heuristic model of Cheng et al. This same conclusion was drawn in a recent experimental and simulation study of Ar on CO_2 by Mistura et al. These results imply that a dimensionless wetting parameter w is useful for predicting whether wetting behavior is present at and above the triple temperature. The nonwetting/wetting crossover value found here is w circa 3.3.Comment: 15 pages, 8 figure

Integrable Time-Discretisation of the Ruijsenaars-Schneider Model

An exactly integrable symplectic correspondence is derived which in a continuum limit leads to the equations of motion of the relativistic generalization of the Calogero-Moser system, that was introduced for the first time by Ruijsenaars and Schneider. For the discrete-time model the equations of motion take the form of Bethe Ansatz equations for the inhomogeneous spin-1/2 Heisenberg magnet. We present a Lax pair, the symplectic structure and prove the involutivity of the invariants. Exact solutions are investigated in the rational and hyperbolic (trigonometric) limits of the system that is given in terms of elliptic functions. These solutions are connected with discrete soliton equations. The results obtained allow us to consider the Bethe Ansatz equations as ones giving an integrable symplectic correspondence mixing the parameters of the quantum integrable system and the parameters of the corresponding Bethe wavefunction.Comment: 27 pages, latex, equations.st

Scale up your In-Memory Accelerator: Leveraging Wireless-on-Chip Communication for AIMC-based CNN Inference

Analog In-Memory Computing (AIMC) is emerging as a disruptive paradigm for heterogeneous computing, potentially delivering orders of magnitude better peak performance and efficiency over traditional digital signal processing architectures on Matrix-Vector multiplication. However, to sustain this throughput in real-world applications, AIMC tiles must be supplied with data at very high bandwidth and low latency; this poses an unprecedented pressure on the on-chip communication infrastructure, which becomes the system's performance and efficiency bottleneck. In this context, the performance and plasticity of emerging on-chip wireless communication paradigms provide the required breakthrough to up-scale on-chip communication in large AIMC devices. This work presents a many-tile AIMC architecture with inter-tile wireless communication that integrates multiple heterogeneous computing clusters, embedding a mix of parallel RISC-V cores and AIMC tiles. We perform an extensive design space exploration of the proposed architecture and discuss the benefits of exploiting emerging on-chip communication technologies such as wireless transceivers in the millimeter-wave and terahertz band