Understanding Database Reconstruction Attacks on Public Data

In 2020 the U.S. Census Bureau will conduct the Constitutionally mandated decennial Census of Population and Housing. Because a census involves collecting large amounts of private data under the promise of confidentiality, traditionally statistics are published only at high levels of aggregation. Published statistical tables are vulnerable to DRAs (database reconstruction attacks), in which the underlying microdata is recovered merely by finding a set of microdata that is consistent with the published statistical tabulations. A DRA can be performed by using the tables to create a set of mathematical constraints and then solving the resulting set of simultaneous equations. This article shows how such an attack can be addressed by adding noise to the published tabulations, so that the reconstruction no longer results in the original data

Alternative measures of the monetary base: what are the differences and are they important?

Monetary policy

The link between M1 and the monetary base in the 198O's

Monetary policy ; Money supply

Digital Forensics Overview

Digital Evaluation and Exploitation (DEEP): Research in "trusted" systems and exploitation

Providing cryptographic security and evidentiary chain-of-custody with the advanced forensic format, library, and tools

This paper presents improvements in the Advanced Forensics Format Library version 3 that provide for digital signatures and other cryptographic protections for digital evidence, allowing an investigator to establish a reliable chain-of-custody for electronic evidence from the crime scene to the court room. No other system for handling and storing electronic evidence currently provides such capabilities. This paper discusses implementation details, user level commands, and the AFFLIB programmer's API.Approved for public release; distribution is unlimited

Carving contiguous and fragmented files with fast object validation

http://dx.doi.org/10.1016/j.dlin.2007.06.017"File carving" reconstructs files based on their content, rather than using metadata that points to the content. Carving is widely used for forensics and data recovery, but no file carvers can automatically reassemble fragmented files. We survey files from more than 300 hard drives acquired on the secondary market and show that the ability to reassemble fragmented files is an important requirement for forensic work. Next we analyze the file carving problem, arguing that rapid, accurate carving is best performed by a multi-tier decision problem that seeks to quickly validate or discard candidate byte strings -- "object" -- from the media to be carved. Validators for the JPEG, Microsoft OLE (MSOLE) and ZIP file formats are discussed. Finally, we show how high speed validators can be used to reassemble fragmented files

IRBs and Security Research: Myths, Facts and Mission Creep

Having decided to focus attention on the “weak link” of human fallibility, a growing number of security researchers are discovering the US Government’s regulations that govern human subject research. This paper discusses those regulations, their application to research on security and usability, and presents strategies for negotiating the Institutional Review Board (IRB) approval process. It argues that a strict interpretation of regulations has the potential to stymie security research

Development and fabrication of improved Schottky power diodes

Reproducible methods for the fabrication of silicon Schottky diodes have been developed for tungsten, aluminum, conventional platinum silicide, and low temperature platinum silicide. Barrier heights and barrier lowering under reverse bias have been measured, permitting the accurate prediction of forward and reverse diode characteristics. Processing procedures have been developed that permit the fabrication of large area (about 1 sq cm) mesageometry power Schottky diodes with forward and reverse characteristics that approach theoretical values. A theoretical analysis of the operation of bridge rectifier circuits has been performed, which indicates the ranges of frequency and voltage for which Schottky rectifiers are preferred to p-n junctions. Power Schottky rectifiers have been fabricated and tested for voltage ratings up to 140 volts

Operations with Degraded Security

Modern systems aren't designed to support some ongoing operations after their security is compromised. Using the ResiliNets model, the authors discuss five strategies for operating in a degraded security environment