1,407 research outputs found
Threshold autoregression with a near unit root
unit root;autoregressive models
Tests for cointegration with infinite variance errors
Cataloged from PDF version of article.This paper develops the asymptotic theory for residual-based tests and quasi-likelihood ratio tests for cointegration under the assumption of infinite variance errors. This article extends the results of Phillips and Ouliaris (1990) and Johansen (1988, 1991) which are derived under the assumption of square-integrable errors. Here the limit laws are expressed in terms of functionals of symmetric stable laws rather than Brownian motion. Critical values of the residual-based tests of Phillips and Ouliaris (1990) and likelihood-ratio-based tests of Johansen (1991) are calculated and tabulated.
We also investigate whether these tests are robust to infinite variance errors. We found that regardless of the index of stability a, the residual-based tests are more robust to infinite variance errors than the likelihood-ratio-based tests. (C) 1998 Elsevier Science S.A. All rights reserved
ZeroLeak: Using LLMs for Scalable and Cost Effective Side-Channel Patching
Security critical software, e.g., OpenSSL, comes with numerous side-channel
leakages left unpatched due to a lack of resources or experts. The situation
will only worsen as the pace of code development accelerates, with developers
relying on Large Language Models (LLMs) to automatically generate code. In this
work, we explore the use of LLMs in generating patches for vulnerable code with
microarchitectural side-channel leakages. For this, we investigate the
generative abilities of powerful LLMs by carefully crafting prompts following a
zero-shot learning approach. All generated code is dynamically analyzed by
leakage detection tools, which are capable of pinpointing information leakage
at the instruction level leaked either from secret dependent accesses or
branches or vulnerable Spectre gadgets, respectively. Carefully crafted prompts
are used to generate candidate replacements for vulnerable code, which are then
analyzed for correctness and for leakage resilience. From a cost/performance
perspective, the GPT4-based configuration costs in API calls a mere few cents
per vulnerability fixed. Our results show that LLM-based patching is far more
cost-effective and thus provides a scalable solution. Finally, the framework we
propose will improve in time, especially as vulnerability detection tools and
LLMs mature
A locally optimal seasonal unit-root test
This article proposes a locally best invariant test of the null hypothesis of seasonal stationarity against the alternative of seasonal unit roots at all or individual seasonal frequencies. An asymptotic distribution theory is derived and the finite-sample properties of the test are examined in a Monte Carlo simulation. My test is also compared with the Canova and Hansen test. The proposed test is superior to the Canova and Hansen test in terms of both size and power
Mayhem: Targeted Corruption of Register and Stack Variables
In the past decade, many vulnerabilities were discovered in
microarchitectures which yielded attack vectors and motivated the study of
countermeasures. Further, architectural and physical imperfections in DRAMs led
to the discovery of Rowhammer attacks which give an adversary power to
introduce bit flips in a victim's memory space. Numerous studies analyzed
Rowhammer and proposed techniques to prevent it altogether or to mitigate its
effects.
In this work, we push the boundary and show how Rowhammer can be further
exploited to inject faults into stack variables and even register values in a
victim's process. We achieve this by targeting the register value that is
stored in the process's stack, which subsequently is flushed out into the
memory, where it becomes vulnerable to Rowhammer. When the faulty value is
restored into the register, it will end up used in subsequent iterations. The
register value can be stored in the stack via latent function calls in the
source or by actively triggering signal handlers. We demonstrate the power of
the findings by applying the techniques to bypass SUDO and SSH authentication.
We further outline how MySQL and other cryptographic libraries can be targeted
with the new attack vector. There are a number of challenges this work
overcomes with extensive experimentation before coming together to yield an
end-to-end attack on an OpenSSL digital signature: achieving co-location with
stack and register variables, with synchronization provided via a blocking
window. We show that stack and registers are no longer safe from the Rowhammer
attack
Contribution of heme oxygenase 2 to blood pressure regulation in response to swimming exercise and detraining in spontaneously hypertensive rats
Background: We aimed to determine the effects of exercise followed by detraining on systolic blood pressure (SBP), heme oxygenase 2 (HO-2) expression, and carboxyhemoglobin (COHb) concentration in spontaneously hypertensive rats (SHR) to explain the role of carbon monoxide (CO) in this process. Material/Methods: Animals were randomized into exercised and detrained groups. Corresponding sedentary rats were grouped as Time 1–2. Swimming of 60 min/5 days/week for 10 weeks was applied. Detraining rats discontinued training for an additional 5 weeks. Gene and protein expressions were determined by real-time PCR and immunohistochemistry. Results: Aorta HO-2 histological scores (HSCORE) of hypertensive rats were lower, while SBP was higher. Swimming caused enhancement of HO-2 immunostaining in aorta endothelium and adventitia of SHR. Exercise induced elevation of blood COHb index in SHR. Synchronous BP lowering effect of exercise was observed. HO-2 mRNA expression, HSCORE, and blood COHb index were unaltered during detraining, while SBP was still low in SHR. Conclusions: CO synthesized by HO-2 at least partly plays a role in SBP regulation in the SHR-and BP-lowering effect of exercise. Regular exercise with short-term pauses may be advised to both hypertensives and individuals who are at risk. © Med Sci Monit
Photonuclear reactions with Zinc: A case for clinical linacs
The use of bremsstrahlung photons produced by a linac to induce photonuclear
reactions is wide spread. However, using a clinical linac to produce the
photons is a new concept. We aimed to induce photonuclear reactions on zinc
isotopes and measure the subsequent transition energies and half-lives. For
this purpose, a bremsstrahlung photon beam of 18 MeV endpoint energy produced
by the Philips SLI-25 linac has been used. The subsequent decay has been
measured with a well-shielded single HPGe detector. The results obtained for
transition energies are in good agreement with the literature data and in many
cases surpass these in accuracy. For the half-lives, we are in agreement with
the literature data, but do not achieve their precision. The obtained accuracy
for the transition energies show what is achievable in an experiment such as
ours. We demonstrate the usefulness and benefits of employing clinical linacs
for nuclear physics experiments
Don't Knock! Rowhammer at the Backdoor of DNN Models
State-of-the-art deep neural networks (DNNs) have been proven to be
vulnerable to adversarial manipulation and backdoor attacks. Backdoored models
deviate from expected behavior on inputs with predefined triggers while
retaining performance on clean data. Recent works focus on software simulation
of backdoor injection during the inference phase by modifying network weights,
which we find often unrealistic in practice due to restrictions in hardware.
In contrast, in this work for the first time, we present an end-to-end
backdoor injection attack realized on actual hardware on a classifier model
using Rowhammer as the fault injection method. To this end, we first
investigate the viability of backdoor injection attacks in real-life
deployments of DNNs on hardware and address such practical issues in hardware
implementation from a novel optimization perspective. We are motivated by the
fact that vulnerable memory locations are very rare, device-specific, and
sparsely distributed. Consequently, we propose a novel network training
algorithm based on constrained optimization to achieve a realistic backdoor
injection attack in hardware. By modifying parameters uniformly across the
convolutional and fully-connected layers as well as optimizing the trigger
pattern together, we achieve state-of-the-art attack performance with fewer bit
flips. For instance, our method on a hardware-deployed ResNet-20 model trained
on CIFAR-10 achieves over 89% test accuracy and 92% attack success rate by
flipping only 10 out of 2.2 million bits.Comment: 2023 53rd Annual IEEE/IFIP International Conference on Dependable
Systems and Networks (DSN
- …