Inferring hidden states in Langevin dynamics on large networks: Average case performance

We present average performance results for dynamical inference problems in large networks, where a set of nodes is hidden while the time trajectories of the others are observed. Examples of this scenario can occur in signal transduction and gene regulation networks. We focus on the linear stochastic dynamics of continuous variables interacting via random Gaussian couplings of generic symmetry. We analyze the inference error, given by the variance of the posterior distribution over hidden paths, in the thermodynamic limit and as a function of the system parameters and the ratio {\alpha} between the number of hidden and observed nodes. By applying Kalman filter recursions we find that the posterior dynamics is governed by an "effective" drift that incorporates the effect of the observations. We present two approaches for characterizing the posterior variance that allow us to tackle, respectively, equilibrium and nonequilibrium dynamics. The first appeals to Random Matrix Theory and reveals average spectral properties of the inference error and typical posterior relaxation times, the second is based on dynamical functionals and yields the inference error as the solution of an algebraic equation.Comment: 20 pages, 5 figure

Efficient template attacks

This is the accepted manuscript version. The final published version is available from http://link.springer.com/chapter/10.1007/978-3-319-08302-5_17.Template attacks remain a powerful side-channel technique to eavesdrop on tamper-resistant hardware. They model the probability distribution of leaking signals and noise to guide a search for secret data values. In practice, several numerical obstacles can arise when implementing such attacks with multivariate normal distributions. We propose efficient methods to avoid these. We also demonstrate how to achieve significant performance improvements, both in terms of information extracted and computational cost, by pooling covariance estimates across all data values. We provide a detailed and systematic overview of many different options for implementing such attacks. Our experimental evaluation of all these methods based on measuring the supply current of a byte-load instruction executed in an unprotected 8-bit microcontroller leads to practical guidance for choosing an attack algorithm.Omar Choudary is a recipient of the Google Europe Fellowship in Mobile Security, and this research is supported in part by this Google Fellowship

Practical Improvements of Profiled Side-Channel Attacks on a Hardware Crypto-Accelerator

Abstract. This article investigates the relevance of the theoretical frame-work on profiled side-channel attacks presented by F.-X. Standaert et al. at Eurocrypt 2009. The analyses consist in a case-study based on side-channel measurements acquired experimentally from a hardwired crypto-graphic accelerator. Therefore, with respect to previous formal analyses carried out on software measurements or on simulated data, the inves-tigations we describe are more complex, due to the underlying chip’s architecture and to the large amount of algorithmic noise. In this dif-ficult context, we show however that with an engineer’s mindset, two techniques can greatly improve both the off-line profiling and the on-line attack. First, we explore the appropriateness of different choices for the sensitive variables. We show that a skilled attacker aware of the regis-ter transfers occurring during the cryptographic operations can select the most adequate distinguisher, thus increasing its success rate. Sec-ond, we introduce a method based on the thresholding of leakage data to accelerate the profiling or the matching stages. Indeed, leveraging on an engineer’s common sense, it is possible to visually foresee the shape of some eigenvectors thereby anticipating their estimation towards their asymptotic value by authoritatively zeroing weak components containing mainly non-informational noise. This method empowers an attacker, in that it saves traces when converging towards correct values of the secret. Concretely, we demonstrate a 5 times speed-up in the on-line phase of the attack.

A comparison of variational and Markov chain Monte Carlo methods for inference in partially observed stochastic dynamic systems

In recent work we have developed a novel variational inference method for partially observed systems governed by stochastic differential equations. In this paper we provide a comparison of the Variational Gaussian Process Smoother with an exact solution computed using a Hybrid Monte Carlo approach to path sampling, applied to a stochastic double well potential model. It is demonstrated that the variational smoother provides us a very accurate estimate of mean path while conditional variance is slightly underestimated. We conclude with some remarks as to the advantages and disadvantages of the variational smoother. © 2008 Springer Science + Business Media LLC

Strong signature of natural selection within an FHIT intron implicated in prostate cancer risk

Previously, a candidate gene linkage approach on brother pairs affected with prostate cancer identified a locus of prostate cancer susceptibility at D3S1234 within the fragile histidine triad gene (FHIT), a tumor suppressor that induces apoptosis. Subsequent association tests on 16 SNPs spanning approximately 381 kb surrounding D3S1234 in Americans of European descent revealed significant evidence of association for a single SNP within intron 5 of FHIT. In the current study, resequencing and genotyping within a 28.5 kb region surrounding this SNP further delineated the association with prostate cancer risk to a 15 kb region. Multiple SNPs in sequences under evolutionary constraint within intron 5 of FHIT defined several related haplotypes with an increased risk of prostate cancer in European-Americans. Strong associations were detected for a risk haplotype defined by SNPs 138543, 142413, and 152494 in all cases (Pearson's χ2 = 12.34, df 1, P = 0.00045) and for the homozygous risk haplotype defined by SNPs 144716, 142413, and 148444 in cases that shared 2 alleles identical by descent with their affected brothers (Pearson's χ2 = 11.50, df 1, P = 0.00070). In addition to highly conserved sequences encompassing SNPs 148444 and 152413, population studies revealed strong signatures of natural selection for a 1 kb window covering the SNP 144716 in two human populations, the European American (π = 0.0072, Tajima's D= 3.31, 14 SNPs) and the Japanese (π = 0.0049, Fay & Wu's H = 8.05, 14 SNPs), as well as in chimpanzees (Fay & Wu's H = 8.62, 12 SNPs). These results strongly support the involvement of the FHIT intronic region in an increased risk of prostate cancer. © 2008 Ding et al

Accumulation and transport of microbial-size particles in a pressure protected model burn unit: CFD simulations and experimental evidence

<p>Abstract</p> <p>Background</p> <p>Controlling airborne contamination is of major importance in burn units because of the high susceptibility of burned patients to infections and the unique environmental conditions that can accentuate the infection risk. In particular the required elevated temperatures in the patient room can create thermal convection flows which can transport airborne contaminates throughout the unit. In order to estimate this risk and optimize the design of an intensive care room intended to host severely burned patients, we have relied on a computational fluid dynamic methodology (CFD).</p> <p>Methods</p> <p>The study was carried out in 4 steps: i) patient room design, ii) CFD simulations of patient room design to model air flows throughout the patient room, adjacent anterooms and the corridor, iii) construction of a prototype room and subsequent experimental studies to characterize its performance iv) qualitative comparison of the tendencies between CFD prediction and experimental results. The Electricité De France (EDF) open-source software <it>Code_Saturne</it>^®(<url>http://www.code-saturne.org</url>) was used and CFD simulations were conducted with an hexahedral mesh containing about 300 000 computational cells. The computational domain included the treatment room and two anterooms including equipment, staff and patient. Experiments with inert aerosol particles followed by time-resolved particle counting were conducted in the prototype room for comparison with the CFD observations.</p> <p>Results</p> <p>We found that thermal convection can create contaminated zones near the ceiling of the room, which can subsequently lead to contaminate transfer in adjacent rooms. Experimental confirmation of these phenomena agreed well with CFD predictions and showed that particles greater than one micron (i.e. bacterial or fungal spore sizes) can be influenced by these thermally induced flows. When the temperature difference between rooms was 7°C, a significant contamination transfer was observed to enter into the positive pressure room when the access door was opened, while 2°C had little effect. Based on these findings the constructed burn unit was outfitted with supplemental air exhaust ducts over the doors to compensate for the thermal convective flows.</p> <p>Conclusions</p> <p>CFD simulations proved to be a particularly useful tool for the design and optimization of a burn unit treatment room. Our results, which have been confirmed qualitatively by experimental investigation, stressed that airborne transfer of microbial size particles via thermal convection flows are able to bypass the protective overpressure in the patient room, which can represent a potential risk of cross contamination between rooms in protected environments.</p

Orvinols with mixed kappa/mu opioid receptor agonist activity

[Image: see text] Dual-acting kappa opioid receptor (KOR) agonist and mu opioid receptor (MOR) partial agonist ligands have been put forward as potential treatment agents for cocaine and other psychostimulant abuse. Members of the orvinol series of ligands are known for their high binding affinity to both KOR and MOR, but efficacy at the individual receptors has not been thoroughly evaluated. In this study, it is shown that a predictive model for efficacy at KOR can be derived, with efficacy being controlled by the length of the group attached to C20 and by the introduction of branching into the side chain. In vivo evaluation of two ligands with the desired in vitro profile confirms both display KOR, and to a lesser extent MOR, activity in an analgesic assay suggesting that, in this series, in vitro measures of efficacy using the [(35)S]GTPγS assay are predictive of the in vivo profile

Automatisierung des Entwurfs vollständig testbarer Schaltungen

Die Kosten für die Testvorbereitung, Testerzeugung und Testdurchführung wachsen überproportional mit der Komplexität anwendungsspezifischer Schaltungen, und die Teststrategie sollte daher bereits in einer sehr frühen Phase des Schaltungsentwurfs festgelegt und berücksichtigt werden. In diesem Artikel werden logische Grundzellen und Algorithmen zur Unterstützung des pseudo-erschöpfenden Tests vorgestellt. Diese Teststrategie hat den Vorteil, daß die äußerst rechenzeitaufwendige Testmustererzeugung entfällt und zugleich eine vollständige Fehlererfassung auf Gatterebene garantiert ist. Die vorgestellten Grundzellen dienen der Zerlegung der Gesamtschaltung in erschöpfend testbare Teile, die präsentierten Algorithmen sollen diese Segmentierungszellen so plazieren, daß der Mehraufwand an Silizium gering bleibt. Hierzu wurden Varianten sogenannter "Hill-Climbing" und "Simulated-Annealing"-Verfahren entwickelt

From Improved Leakage Detection to the Detection of Points of Interests in Leakage Traces

Leakage detection usually refers to the task of identifying data-dependent information in side-channel measurements, independent of whether this information can be exploited. Detecting Points-Of-Interest (POIs) in leakage traces is a complementary task that is a necessary first step in most side-channel attacks, where the adversary wants to turn this information into (e.g.) a key recovery. In this paper, we discuss the differences between these tasks, by investigating a popular solution to leakage detection based on a t-test, and an alternative method exploiting Pearson\u27s correlation coefficient. We first show that the simpler t-test has better sampling complexity, and that its gain over the correlation-based test can be predicted by looking at the Signal-to-Noise Ratio (SNR) of the leakage partitions used in these tests. This implies that the sampling complexity of both tests relates more to their implicit leakage assumptions than to the actual statistics exploited. We also put forward that this gain comes at the cost of some intuition loss regarding the localization of the exploitable leakage samples in the traces, and their informativeness. Next, and more importantly, we highlight that our reasoning based on the SNR allows defining an improved t-test with significantly faster detection speed (with approximately 5 times less measurements in our experiments), which is therefore highly relevant for evaluation laboratories. We finally conclude that whereas t-tests are the method of choice for leakage detection only, correlation-based tests exploiting larger partitions are preferable for detecting POIs. We confirm this intuition by improving automated tools for the detection of POIs in the leakage measurements of a masked implementation, in a black box manner and without key knowledge, thanks to a correlation-based leakage detection test