EMShepherd: Detecting Adversarial Samples via Side-channel Leakage

Deep Neural Networks (DNN) are vulnerable to adversarial perturbations-small changes crafted deliberately on the input to mislead the model for wrong predictions. Adversarial attacks have disastrous consequences for deep learning-empowered critical applications. Existing defense and detection techniques both require extensive knowledge of the model, testing inputs, and even execution details. They are not viable for general deep learning implementations where the model internal is unknown, a common 'black-box' scenario for model users. Inspired by the fact that electromagnetic (EM) emanations of a model inference are dependent on both operations and data and may contain footprints of different input classes, we propose a framework, EMShepherd, to capture EM traces of model execution, perform processing on traces and exploit them for adversarial detection. Only benign samples and their EM traces are used to train the adversarial detector: a set of EM classifiers and class-specific unsupervised anomaly detectors. When the victim model system is under attack by an adversarial example, the model execution will be different from executions for the known classes, and the EM trace will be different. We demonstrate that our air-gapped EMShepherd can effectively detect different adversarial attacks on a commonly used FPGA deep learning accelerator for both Fashion MNIST and CIFAR-10 datasets. It achieves a 100% detection rate on most types of adversarial samples, which is comparable to the state-of-the-art 'white-box' software-based detectors

Does judicial foreclosure procedure help delinquent subprime mortgage borrowers?

We conduct comprehensive analyses on whether and how the judicial foreclosure procedure helps subprime mortgage borrowers to reinstate their delinquent loans outside foreclosure liquidation. Even though the transition rates of various exit types are all higher in non-judicial states, we argue such higher rates can be mechanically driven by the faster shrinking pool of delinquent mortgages in non-judicial states over time. Based on the cumulative proportions of various exit types during a period of up to 5 years post the mortgage first become 90 days past due, we find that judicial states offer more opportunities for delinquent borrowers to reinstate their loans outside foreclosure liquidation, especially during a housing market downturn. Cures, modifications, and paid-offs were all important alternative ways to resolve serious delinquencies during 2007–2008. After modifications became widely available in 2009, loan modifications became the most important alternative for subprime borrowers to reinstate their delinquent mortgages outside foreclosure liquidation. The lion\u27s share of the judicial foreclosure benefit shows up after the start of the foreclosure process

Towards an Approach for Validating the Internet-of-Transactional-Things

© 2020, Springer Nature Switzerland AG. This paper examines the impact of transactional properties, known as pivot, retriable, and compensatable, on Internet-of-Things (IoT). Despite the ever-growing number of things in today’s cyber-physical world, a limited number of studies examine this impact while considering things’ particularities in terms of reduced size, restricted connectivity, continuous mobility, limited energy, and constrained storage. To address this gap, this paper proceeds first, with exposing things’ duties, namely sensing, actuating, and communicating. Then, it examines the appropriateness of each transactional property for each duty. During the performance of transactional things, (semi)-atomicity criterion is adopted allowing to approve when these things’ duties could be either canceled or compensated. A system that runs a set of what-if experiments is presented in the paper allowing to demonstrate the technical doability of transactional things

MemPoline: Mitigating Memory-based Side-Channel Attacks through Memory Access Obfuscation

Recent years have seen various side-channel timing attacks demonstrated on both CPUs and GPUs, in diverse settings such as desktops, clouds, and mobile systems. These attacks observe events on different shared resources on the memory hierarchy from timing information, and then infer secret-dependent memory access pattern to retrieve the secret through statistical analysis. We generalize these attacks as memory-based side-channel attacks. In this paper, we propose a novel software countermeasure, MemPoline, against memory-based side-channel attacks. MemPoline hides the secret-dependent memory access pattern by moving sensitive data around randomly within a memory space. Compared to the prior oblivious RAM technology, MemPoline employs parameter-directed permutations to achieve randomness, which are significantly more efficient and yet provide similar security. Our countermeasure only requires modifying the source code, and has great advantages of being general - algorithm-agnostic, portable - independent of the underlying architecture, and compatible - a user-space approach that works for any operating system or hypervisor. We run a thorough evaluation of our countermeasure. We apply it to both AES, a symmetric cipher, and RSA, an asymmetric cipher. Both empirical results and theoretical analysis show that our countermeasure resists a series of existing memory-based side-channel attacks on CPUs and GPUs

Signal-induced Brd4 release from chromatin is essential for its role transition from chromatin targeting to transcriptional regulation

Bromodomain-containing protein Brd4 is shown to persistently associate with chromosomes during mitosis for transmitting epigenetic memory across cell divisions. During interphase, Brd4 also plays a key role in regulating the transcription of signal-inducible genes by recruiting positive transcription elongation factor b (P-TEFb) to promoters. How the chromatin-bound Brd4 transits into a transcriptional regulation mode in response to stimulation, however, is largely unknown. Here, by analyzing the dynamics of Brd4 during ultraviolet or hexamethylene bisacetamide treatment, we show that the signal-induced release of chromatin-bound Brd4 is essential for its functional transition. In untreated cells, almost all Brd4 is observed in association with interphase chromatin. Upon treatment, Brd4 is released from chromatin, mostly due to signal-triggered deacetylation of nucleosomal histone H4 at acetylated-lysine 5/8 (H4K5ac/K8ac). Through selective association with the transcriptional active form of P-TEFb that has been liberated from the inactive multi-subunit complex in response to treatment, the released Brd4 mediates the recruitment of this active P-TEFb to promoter, which enhances transcription at the stage of elongation. Thus, through signal-induced release from chromatin and selective association with the active form of P-TEFb, the chromatin-bound Brd4 switches its role to mediate the recruitment of P-TEFb for regulating the transcriptional elongation of signal-inducible genes.National Natural Science Foundation of China[30930046, 30670408, 81070307]; Natural Science Foundation of Fujian[C0210005, 2010J01231]; Science Planning Program of Fujian Province[2009J1010, 2010J1008]; National Foundation for fostering talents of basic science[J1030626

Setting sodium targets for pre-packaged foods in China — an exploratory study

IntroductionSetting sodium targets for pre-packaged food has been a priority strategy for reducing population sodium intake. This study aims to explore the attitudes and considerations of researchers and key stakeholders toward implementing such policy in China.MethodsAn exploratory study comprising a survey and a focus group discussion was conducted among 27 purposively selected participants including 12 researchers, 5 consumers, 4 administrators, 3 industry association representatives and 3 food producers. The survey/discussion covered the key questions considered when developing/promoting sodium targets. Free-text responses were manually classified and summarized using thematic analysis.ResultsTwo-thirds of the participants supported target-setting policy. Researchers and administrators were most supportive, and food producers and associations were least supportive. Adapted WHO food categorization framework was well accepted to underpin target-setting to ensure international comparability and applicability for Chinese products. Maximum values were the most agreed target type. The WHO benchmarks were thought to be too ambitious to be feasible given the current food supply in China but can be regarded as long-term goals. Initially, a reduction of sodium content by 20% was mostly accepted to guide the development of maximum targets. Other recommendations included implementing a comprehensive strategy, strengthening research, engaging social resources, establishing a systematic monitoring/incentive system, maintaining a fair competitive environment, and developing a supportive information system. Target-setting policy was acceptable by most stakeholders and should be implemented alongside strategies to reduce discretionary salt use.DiscussionOur findings provide detailed guidance for the Chinese government when developing a target-setting strategy. The methods and results of this study also provide meaningful references for other countries to set sodium targets for pre-packaged foods and implement other salt reduction strategies simultaneously

Implementasi Algoritma K-Nearest Neighbour Untuk Menentukan Nomor Klasifikasi Buku Studi Kasus: Perpustakaan Universitas Katolik Musi Charitas)

Classification of library books is important to allow visitors in search of a book. The classification system in the library of the Catholic University of Charity Musi using guide books dewey decimal classification (DDC). The problem in this research is the difficulty in determining the classification number of new books. By utilizing the methods of Information Retrieval (IR) or retrieval of information, so in this study will build an application program for classification of library books. The method will be used to classify the book library is a method of k-nearest neighbor (k-NN). The application program classification of library books is built with training data from library books Musi-Caritas Catholic University and the test data is a new book. Applications are made capable of classifying new library book