1,173 research outputs found
A Characterization of Undirected Graphs Admitting Optimal Cost Shares
In a seminal paper, Chen, Roughgarden and Valiant studied cost sharing
protocols for network design with the objective to implement a low-cost Steiner
forest as a Nash equilibrium of an induced cost-sharing game. One of the most
intriguing open problems to date is to understand the power of budget-balanced
and separable cost sharing protocols in order to induce low-cost Steiner
forests. In this work, we focus on undirected networks and analyze topological
properties of the underlying graph so that an optimal Steiner forest can be
implemented as a Nash equilibrium (by some separable cost sharing protocol)
independent of the edge costs. We term a graph efficient if the above stated
property holds. As our main result, we give a complete characterization of
efficient undirected graphs for two-player network design games: an undirected
graph is efficient if and only if it does not contain (at least) one out of few
forbidden subgraphs. Our characterization implies that several graph classes
are efficient: generalized series-parallel graphs, fan and wheel graphs and
graphs with small cycles.Comment: 60 pages, 69 figures, OR 2017 Berlin, WINE 2017 Bangalor
Harzer Roller: Linker-Based Instrumentation for Enhanced Embedded Security Testing
Due to the rise of the Internet of Things, there are many new chips and
platforms available for hobbyists and industry alike to build smart devices.
The SDKs for these new platforms usually include closed-source binaries
containing wireless protocol implementations, cryptographic implementations, or
other library functions, which are shared among all user code across the
platform. Leveraging such a library vulnerability has a high impact on a given
platform. However, as these platforms are often shipped ready-to-use, classic
debug infrastructure like JTAG is often times not available.
In this paper, we present a method, called Harzer Roller, to enhance embedded
firmware security testing on resource-constrained devices. With the Harzer
Roller, we hook instrumentation code into function call and return. The hooking
not only applies to the user application code but to the SDK used to build
firmware as well. While we keep the design of the Harzer Rollergenerally
architecture independent, we provide an implementation for the ESP8266 Wi-Fi
IoT chip based on the xtensa architecture.
We show that the Harzer Roller can be leveraged to trace execution flow
through libraries without available source code and to detect stack-based
buffer-overflows. Additionally, we showcase how the overflow detection can be
used to dump debugging information for later analysis. This enables better
usage of a variety of software security testing methods like fuzzing of
wireless protocol implementations or proof-of-concept attack development.Comment: 9 Pages, 7 Figures, ROOTS'1
A Mott-Schottky Analysis of Mesoporous Silicon in Aqueous Electrolyte by Electrochemical Impedance Spectroscopy
Nanoporosity in silicon leads to completely new functionalities of this
mainstream semiconductor. In recent years, it has been shown that filling the
pores with aqueous electrolytes in addition opens a particularly wide field for
modifying and achieving active control of these functionalities, e.g., for
electrochemo-mechanical actuation and tunable photonics, or for the design of
on-chip supercapacitors. However, a mechanistic understanding of these new
features has been hampered by the lack of a detailed characterization of the
electrochemical behavior of mesoporous silicon in aqueous electrolytes. Here,
the capacitive, potential-controlled charging of the electrical double layer in
a mesoporous silicon electrode (pore diameter ) imbibed with
perchloric acid solution is studied by electrochemical impedance spectroscopy.
Thorough measurements with detailed explanations of the observed phenomena lead
to a comprehensive understanding of the capacitive properties of porous
silicon. An analysis based on the Mott-Schottky equation allows general
conclusions to be drawn about the state of the band structure within the pore
walls. Essential parameters such as the flat band potential, the doping density
and the width of the space charge region can be determined. A comparison with
bulk silicon shows that the flat band potential in particular is significantly
altered by the introduction of nanopores, as it shifts from
to . Overall, this study
provides a unique insight into the electrochemical processes, especially the
electrical double layer charging, of nanoporous semiconductor electrodes.Comment: 5 pages, 3 figure
Wafer-Scale Electroactive Nanoporous Silicon: Large and Fully Reversible Electrochemo-Mechanical Actuation in Aqueous Electrolytes
Nanoporosity in silicon results in an interface-dominated mechanics, fluidics
and photonics that are often superior to the ones of the bulk material.
However, their active control, e.g. as a response to electronic stimuli, is
challenging due to the absence of intrinsic piezoelectricity in the base
material. Here, for large-scale nanoporous silicon cantilevers wetted by
aqueous electrolytes, we show electrosorption-induced mechanical stress
generation of up to 600 kPa that is reversible and adjustable at will by
electrical potential variations of approximately 1 V. Laser cantilever bending
experiments in combination with in-operando cyclic voltammetry and
step-coulombmetry allow us to quantitatively trace this large electro-actuation
to the concerted action of 100 billions of parallel nanopores per square
centimeter cross section and to determine the capacitive charge-stress coupling
parameter upon ion ad- and desorption as well as the intimately related stress
actuation dynamics for perchloric and isotonic saline solutions. A comparison
with planar silicon surfaces reveals mechanistic insights on the observed
electrocapillarity (electrostatic Hellmann-Feynman interactions) with respect
to the importance of oxide formation and pore-wall roughness on the
single-nanopore scale. The observation of robust electrochemo-mechanical
actuation in a mainstream semiconductor with wafer-scale, self-organized
nanoporosity opens up entirely novel opportunities for on-chip integrated
stress generation and actuorics at exceptionally low operation voltages.Comment: 14 pages, 5 figures, supplementary information available as ancillary
fil
A fourth–order derivation for smoothed particle hydrodynamics to model thermodynamically–based phase decomposition
Phase decomposition and phase separation play important roles in the preparation of precipitation membranes. Phase decomposition is a diffusion–controlled process on a short time scale. Phase separation is a convection–controlled process on a long time scale. It is necessary to describe the coarsening dynamics of different time scales in only one model, to simulate the complete preparation process of precipitation membranes. In a first step, we will present a Smoothed Particle Hydrodynamics (SPH) model to describe diffusion–controlled phase decomposition. Therefore, an approximation for the fourth–order derivation for SPH is introduced and validated with a power law for coarsening dynamics. Finally, we will present the results of pseudo–binary phase decomposition of the preparation process for polymer membranes
Outcome prediction in mathematical models of immune response to infection
Clinicians need to predict patient outcomes with high accuracy as early as
possible after disease inception. In this manuscript, we show that
patient-to-patient variability sets a fundamental limit on outcome prediction
accuracy for a general class of mathematical models for the immune response to
infection. However, accuracy can be increased at the expense of delayed
prognosis. We investigate several systems of ordinary differential equations
(ODEs) that model the host immune response to a pathogen load. Advantages of
systems of ODEs for investigating the immune response to infection include the
ability to collect data on large numbers of `virtual patients', each with a
given set of model parameters, and obtain many time points during the course of
the infection. We implement patient-to-patient variability in the ODE
models by randomly selecting the model parameters from Gaussian distributions
with variance that are centered on physiological values. We use logistic
regression with one-versus-all classification to predict the discrete
steady-state outcomes of the system. We find that the prediction algorithm
achieves near accuracy for , and the accuracy decreases with
increasing for all ODE models studied. The fact that multiple steady-state
outcomes can be obtained for a given initial condition, i.e. the basins of
attraction overlap in the space of initial conditions, limits the prediction
accuracy for . Increasing the elapsed time of the variables used to train
and test the classifier, increases the prediction accuracy, while adding
explicit external noise to the ODE models decreases the prediction accuracy.
Our results quantify the competition between early prognosis and high
prediction accuracy that is frequently encountered by clinicians.Comment: 14 pages, 7 figure
The finite sample performance of semi- and nonparametric estimators for treatment effects and policy evaluation
This paper investigates the fi nite sample performance of a comprehensive set of semi- and nonparametric estimators for treatment and policy evaluation. In contrast to previous simulation studies which mostly considered semiparametric approaches relying on parametric propensity score estimation, we also consider more fl exible approaches based on semi- or nonparametric propensity scores, nonparametric regression, and direct covariate matching. In addition to (pair, radius, and kernel) matching, inverse probability weighting, regression, and doubly robust estimation, our studies also cover recently proposed estimators such as genetic matching, entropy balancing, and empirical likelihood estimation. We vary a range of features (sample size, selection into treatment, effect heterogeneity, and correct/misspecification) in our simulations and fi nd that several nonparametric estimators by and large outperform commonly used treatment estimators using a parametric propensity score. Nonparametric regression, nonparametric doubly robust estimation, nonparametric IPW, and one-to-many covariate matching perform best
Extracting Secrets from Encrypted Virtual Machines
AMD SEV is a hardware extension for main memory encryption on multi-tenant
systems. SEV uses an on-chip coprocessor, the AMD Secure Processor, to
transparently encrypt virtual machine memory with individual, ephemeral keys
never leaving the coprocessor. The goal is to protect the confidentiality of
the tenants' memory from a malicious or compromised hypervisor and from memory
attacks, for instance via cold boot or DMA. The SEVered attack has shown that
it is nevertheless possible for a hypervisor to extract memory in plaintext
from SEV-encrypted virtual machines without access to their encryption keys.
However, the encryption impedes traditional virtual machine introspection
techniques from locating secrets in memory prior to extraction. This can
require the extraction of large amounts of memory to retrieve specific secrets
and thus result in a time-consuming, obvious attack. We present an approach
that allows a malicious hypervisor quick identification and theft of secrets,
such as TLS, SSH or FDE keys, from encrypted virtual machines on current SEV
hardware. We first observe activities of a virtual machine from within the
hypervisor in order to infer the memory regions most likely to contain the
secrets. Then, we systematically extract those memory regions and analyze their
contents on-the-fly. This allows for the efficient retrieval of targeted
secrets, strongly increasing the chances of a fast, robust and stealthy theft.Comment: Accepted for publication at CODASPY 201
- …