1,344 research outputs found

    Investigating the Cost of Anonymity on Dynamic Networks

    Full text link
    In this paper we study the difficulty of counting nodes in a synchronous dynamic network where nodes share the same identifier, they communicate by using a broadcast with unlimited bandwidth and, at each synchronous round, network topology may change. To count in such setting, it has been shown that the presence of a leader is necessary. We focus on a particularly interesting subset of dynamic networks, namely \textit{Persistent Distance} - G({\cal G}(PD)h)_{h}, in which each node has a fixed distance from the leader across rounds and such distance is at most hh. In these networks the dynamic diameter DD is at most 2h2h. We prove the number of rounds for counting in G({\cal G}(PD)2)_{2} is at least logarithmic with respect to the network size V|V|. Thanks to this result, we show that counting on any dynamic anonymous network with DD constant w.r.t. V|V| takes at least D+Ω(logV)D+ \Omega(\text{log}\, |V| ) rounds where Ω(logV)\Omega(\text{log}\, |V|) represents the additional cost to be payed for handling anonymity. At the best of our knowledge this is the fist non trivial, i.e. different from Ω(D)\Omega(D), lower bounds on counting in anonymous interval connected networks with broadcast and unlimited bandwith

    On deterministic counting in anonymous dynamic networks

    Get PDF
    Nella tesi di dottorato si analizza il problema del counting in reti anonime dinamiche ed interval connesse. Vengono dimostrati lower bound non triviali sul tempo di conteggio in reti a diametro costante. Inoltre vengono sviluppati nuovi algoritmi di conteggio.Counting is a fundamental problem of every distributed system as it represents a basic building block to implement high level abstractions [2,4,6]. We focus on deterministic counting algorithms, that is we assume that no source of randomness is available to processes. We consider a dynamic system where processes do not leave the compu- tation while there is an adversary that continuously changes the communication graph connecting such processes. The adversary is only constrained to maintain at each round a connected topology, i.e. 1-interval connectivity G(1-IC) [3]. In such environment, it has been shown, [5], that counting cannot be solved without a leader. Therefore, we assume that all processes are anonymous but the distinguished leader. In the thesis we will discuss bounds and algorithms for counting in the aforementioned framework. Our bounds are obtained investigating networks where the distance between the leader and an anonymous process is persistent across rounds and is at most h, we denote such networks as G(PD)h [1]. Interestingly we will show that counting in G(PD)2 requires Ω(log |V |) rounds even when the bandwidth is unlimited. This implies that counting in networks with constant dynamic diameter requires a number of rounds that is function of the network size. We will discuss other results concerning the accuracy of counting algorithms. For the possibility side we will show an optimal counting algorithm for G(PD)h networks and a counting algorithm for G(1-IC) networks

    SAFE: Self-Attentive Function Embeddings for Binary Similarity

    Get PDF
    The binary similarity problem consists in determining if two functions are similar by only considering their compiled form. Advanced techniques for binary similarity recently gained momentum as they can be applied in several fields, such as copyright disputes, malware analysis, vulnerability detection, etc., and thus have an immediate practical impact. Current solutions compare functions by first transforming their binary code in multi-dimensional vector representations (embeddings), and then comparing vectors through simple and efficient geometric operations. However, embeddings are usually derived from binary code using manual feature extraction, that may fail in considering important function characteristics, or may consider features that are not important for the binary similarity problem. In this paper we propose SAFE, a novel architecture for the embedding of functions based on a self-attentive neural network. SAFE works directly on disassembled binary functions, does not require manual feature extraction, is computationally more efficient than existing solutions (i.e., it does not incur in the computational overhead of building or manipulating control flow graphs), and is more general as it works on stripped binaries and on multiple architectures. We report the results from a quantitative and qualitative analysis that show how SAFE provides a noticeable performance improvement with respect to previous solutions. Furthermore, we show how clusters of our embedding vectors are closely related to the semantic of the implemented algorithms, paving the way for further interesting applications (e.g. semantic-based binary function search).Comment: Published in International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA) 201

    Adversarial Attacks against Binary Similarity Systems

    Full text link
    In recent years, binary analysis gained traction as a fundamental approach to inspect software and guarantee its security. Due to the exponential increase of devices running software, much research is now moving towards new autonomous solutions based on deep learning models, as they have been showing state-of-the-art performances in solving binary analysis problems. One of the hot topics in this context is binary similarity, which consists in determining if two functions in assembly code are compiled from the same source code. However, it is unclear how deep learning models for binary similarity behave in an adversarial context. In this paper, we study the resilience of binary similarity models against adversarial examples, showing that they are susceptible to both targeted and untargeted attacks (w.r.t. similarity goals) performed by black-box and white-box attackers. In more detail, we extensively test three current state-of-the-art solutions for binary similarity against two black-box greedy attacks, including a new technique that we call Spatial Greedy, and one white-box attack in which we repurpose a gradient-guided strategy used in attacks to image classifiers

    Function Representations for Binary Similarity

    Get PDF
    The binary similarity problem consists in determining if two functions are similar considering only their compiled form. Advanced techniques for binary similarity recently gained momentum as they can be applied in several fields, such as copyright disputes, malware analysis, vulnerability detection, etc. In this paper we describe SAFE, a novel architecture for function representation based on a self-attentive neural network. SAFE works directly on disassembled binary functions, does not require manual feature extraction, is computationally more efficient than existing solutions, and is more general as it works on stripped binaries and on multiple architectures. Results from our experimental evaluation show how SAFE provides a performance improvement with respect to previoussolutions. Furthermore, we show how SAFE can be used in widely different use cases, thus providing a general solution for several application scenarios

    Population stability: regulating size in the presence of an adversary

    Full text link
    We introduce a new coordination problem in distributed computing that we call the population stability problem. A system of agents each with limited memory and communication, as well as the ability to replicate and self-destruct, is subjected to attacks by a worst-case adversary that can at a bounded rate (1) delete agents chosen arbitrarily and (2) insert additional agents with arbitrary initial state into the system. The goal is perpetually to maintain a population whose size is within a constant factor of the target size NN. The problem is inspired by the ability of complex biological systems composed of a multitude of memory-limited individual cells to maintain a stable population size in an adverse environment. Such biological mechanisms allow organisms to heal after trauma or to recover from excessive cell proliferation caused by inflammation, disease, or normal development. We present a population stability protocol in a communication model that is a synchronous variant of the population model of Angluin et al. In each round, pairs of agents selected at random meet and exchange messages, where at least a constant fraction of agents is matched in each round. Our protocol uses three-bit messages and ω(log2N)\omega(\log^2 N) states per agent. We emphasize that our protocol can handle an adversary that can both insert and delete agents, a setting in which existing approximate counting techniques do not seem to apply. The protocol relies on a novel coloring strategy in which the population size is encoded in the variance of the distribution of colors. Individual agents can locally obtain a weak estimate of the population size by sampling from the distribution, and make individual decisions that robustly maintain a stable global population size
    corecore