87 research outputs found
A Categorical Treatment of Malicious Behavioral Obfuscation
International audienceThis paper studies malicious behavioral obfuscation through the use of a new abstract model for process and kernel interactions based on monoidal categories. In this model, program observations are consid-ered to be finite lists of system call invocations. In a first step, we show how malicious behaviors can be obfuscated by simulating the observa-tions of benign programs. In a second step, we show how to generate such malicious behaviors through a technique called path replaying and we extend the class of captured malwares by using some algorithmic transformations on morphisms graphical representation. In a last step, we show that all the obfuscated versions we obtained can be used to detect well-known malwares in practice
Photometric selection of high-redshift type Ia supernovae
We present a method for selecting high-redshift type Ia supernovae (SNe Ia)
located via rolling SN searches. The technique, using both color and magnitude
information of events from only 2-3 epochs of multi-band real-time photometry,
is able to discriminate between SNe Ia and core collapse SNe. Furthermore, for
the SNe Ia, the method accurately predicts the redshift, phase and light-curve
parameterization of these events based only on pre-maximum-light data. We
demonstrate the effectiveness of the technique on a simulated survey of SNe Ia
and core-collapse SNe, where the selection method effectively rejects most
core-collapse SNe while retaining SNe Ia. We also apply the selection code to
real-time data acquired as part of the Canada-France-Hawaii Telescope Supernova
Legacy Survey (SNLS). During the period May 2004 to January 2005 in the SNLS,
440 SN candidates were discovered of which 70 were confirmed spectroscopically
as SNe Ia and 15 as core-collapse events. For this test dataset, the selection
technique correctly identifies 100% of the identified SNe II as non-SNe Ia with
only a 1-2% false rejection rate. The predicted parameterization of the SNe Ia
has a precision of |delta_z|/(1+z_spec)<0.09 in redshift, and +/- 2-3
rest-frame days in phase, providing invaluable information for planning
spectroscopic follow-up observations. We also investigate any bias introduced
by this selection method on the ability of surveys such as SNLS to measure
cosmological parameters (e.g., w and omega matter), and find any effect to be
negligible.Comment: Accepted for publication in A
The Rise Time of Type Ia Supernovae from the Supernova Legacy Survey
We compare the rise times of nearby and distant Type Ia supernovae (SNe Ia)
as a test for evolution using 73 high-redshift spectroscopically-confirmed SNe
Ia from the first two years of the five year Supernova Legacy Survey (SNLS) and
published observations of nearby SN. Because of the ``rolling'' search nature
of the SNLS, our measurement is approximately 6 times more precise than
previous studies, allowing for a more sensitive test of evolution between
nearby and distant supernovae. Adopting a simple early-time model (as in
previous studies), we find that the rest-frame rise times for a fiducial SN
Ia at high and low redshift are consistent, with values
and
days, respectively; the statistical significance of this difference is only 1.4
\sg . The errors represent the uncertainty in the mean rather than any
variation between individual SN. We also compare subsets of our high-redshift
data set based on decline rate, host galaxy star formation rate, and redshift,
finding no substantive evidence for any subsample dependence.Comment: Accepted for publication in AJ; minor changes (spelling and
grammatical) to conform with published versio
Cube Testers and Key Recovery Attacks On Reduced-Round MD6 and Trivium
CRYPTO 2008 saw the introduction of the hash function
MD6 and of cube attacks, a type of algebraic attack applicable to cryptographic
functions having a low-degree algebraic normal form over GF(2).
This paper applies cube attacks to reduced round MD6, finding the full
128-bit key of a 14-round MD6 with complexity 2^22 (which takes less
than a minute on a single PC). This is the best key recovery attack announced
so far for MD6. We then introduce a new class of attacks called
cube testers, based on efficient property-testing algorithms, and apply
them to MD6 and to the stream cipher Trivium. Unlike the standard
cube attacks, cube testers detect nonrandom behavior rather than performing
key extraction, but they can also attack cryptographic schemes
described by nonrandom polynomials of relatively high degree. Applied
to MD6, cube testers detect nonrandomness over 18 rounds in 2^17 complexity;
applied to a slightly modified version of the MD6 compression
function, they can distinguish 66 rounds from random in 2^24 complexity.
Cube testers give distinguishers on Trivium reduced to 790 rounds from
random with 2^30 complexity and detect nonrandomness over 885 rounds
in 2^27, improving on the original 767-round cube attack
Advanced Detection Tool for PDF Threats
In this paper we introduce an efficient application for malicious PDF detection: ADEPT. With targeted attacks rising over the recent past, exploring a new detection and mitigation paradigm becomes mandatory. The use of malicious PDF files that exploit vulnerabilities in well-known PDF readers has become a popular vector for targeted at- tacks, for which few efficient approaches exist. Although simple in theory, parsing followed by analysis of such files is resource-intensive and may even be impossible due to several obfuscation and reader-specific artifacts. Our paper describes a new approach for detecting such malicious payloads that leverages machine learning techniques and an efficient feature selection mechanism for rapidly detecting anomalies. We assess our approach on a large selection of malicious files and report the experimental performance results for the developed prototype
SALT2: using distant supernovae to improve the use of Type Ia supernovae as distance indicators
We present an empirical model of Type Ia supernovae spectro-photometric
evolution with time. The model is built using a large data set including
light-curves and spectra of both nearby and distant supernovae, the latter
being observed by the SNLS collaboration. We derive the average spectral
sequence of Type Ia supernovae and their main variability components including
a color variation law. The model allows us to measure distance moduli in the
spectral range 2500-8000 A with calculable uncertainties, including those
arising from variability of spectral features. Thanks to the use of
high-redshift SNe to model the rest-frame UV spectral energy distribution, we
are able to derive improved distance estimates for SNe Ia in the redshift range
0.8<z<1.1. The model can also be used to improve spectroscopic identification
algorithms, and derive photometric redshifts of distant Type Ia supernovae.Comment: Accepted for publication in A&A. Data and source code available at :
http://supernovae.in2p3.fr/~guy/salt
On Hardware Implementation of Tang-Maitra Boolean Functions
In this paper, we investigate the hardware circuit complexity of the class of Boolean functions recently introduced by Tang and Maitra (IEEE-TIT 64(1): 393 402, 2018). While this class of functions has very good cryptographic properties, the exact hardware requirement is an immediate concern as noted in the paper itself. In this direction, we consider different circuit architectures based on finite field arithmetic and Boolean optimization. An estimation of the circuit complexity is provided for such functions given any input size n. We study different candidate architectures for implementing these functions, all based on the finite field arithmetic. We also show different implementations for both ASIC and FPGA, providing further analysis on the practical aspects of the functions in question and the relation between these implementations and the theoretical bound. The practical results show that the Tang-Maitra functions are quite competitive in terms of area, while still maintaining an acceptable level of throughput performance for both ASIC and FPGA implementations
- …