221 research outputs found
Hardware-Entangled Software Execution using Dynamic PUFs
Low-end computing devices are becoming increasingly ubiquitous, especially due to the widespread deployment of Internet-of-Things products. There is, however, much concern about sensitive data being processed on these low-end devices, which have limited protection mechanisms in place. This paper proposes a Hardware-Entangled Software Protection (HESP) scheme that leverages hardware features to protect software code from malicious modification before or during run-time. It also enables implicit hardware authentication. Thus, the software will execute correctly only on an authorized device, and only if the timing of the software (e.g., its control flow) has not been changed through malicious modifications. The proposed ideas are based on the new concept of Dynamic Physically Unclonable Functions (PUFs). Dynamic PUFs have time-varying responses and can be used to tie the software execution to the timing of software and the physical properties of a hardware device. This concept is further combined with existing approaches for code self-checksumming, software obfuscation, and call graph and register value scrambling to create the HESP scheme. HESP is demonstrated on commodity, off-the-shelf computing devices, where a DRAM PUF is used as an instance of a Dynamic PUF. The protection scheme can be applied automatically to LLVM Intermediate Representation (IR) code through an AutoPatcher written in Python. For a sample program containing AES encryption and decryption routines, HESP introduces 48% execution time overhead and increases the binary file size by 32.5%, which is moderate compared to other schemes such as software obfuscation. It takes about 2.6 seconds on average for the tested programs to be patched and compiled through the modified compilation flow and scripts.
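The core entanglement idea — deriving an execution secret from both a code checksum and a device-specific PUF response — can be sketched as follows. This is a minimal illustration of the concept only, not HESP's actual implementation; the function names and the byte-string PUF responses are hypothetical stand-ins:

```python
import hashlib
import types

def code_checksum(fn: types.FunctionType) -> bytes:
    # Hash the function's bytecode; any tampering with the code
    # changes the digest (the code self-checksumming idea).
    return hashlib.sha256(fn.__code__.co_code).digest()

def entangle(fn: types.FunctionType, puf_response: bytes) -> bytes:
    # Derive an execution key from both the code checksum and the
    # (time-varying, device-unique) PUF response: correct execution
    # then requires both unmodified code and the authorized device.
    return hashlib.sha256(code_checksum(fn) + puf_response).digest()

def work(x):
    return x * 2

# Hypothetical PUF responses for two different devices at time t0.
key_device_a = entangle(work, b"device-A-response-t0")
key_device_b = entangle(work, b"device-B-response-t0")
assert key_device_a != key_device_b  # keys differ across devices
```

A real Dynamic PUF would additionally make the response change over time, so a key derived at the wrong point in the control flow would also fail to match.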
MPCViT: Searching for MPC-friendly Vision Transformer with Heterogeneous Attention
Secure multi-party computation (MPC) enables computation directly on
encrypted data on non-colluding untrusted servers and protects both data and
model privacy in deep learning inference. However, existing neural network (NN)
architectures, including Vision Transformers (ViTs), are not designed or
optimized for MPC protocols and incur significant latency overhead due to the
Softmax function in the multi-head attention (MHA). In this paper, we propose
an MPC-friendly ViT, dubbed MPCViT, to enable accurate yet efficient ViT
inference in MPC. We systematically compare different attention variants in MPC
and propose a heterogeneous attention search space, which combines
high-accuracy and MPC-efficient attention variants at diverse structural
granularities. We further propose a simple yet effective differentiable neural
architecture search (NAS) algorithm for fast ViT optimization. MPCViT
significantly outperforms prior-art ViT variants in MPC. With the proposed NAS
algorithm, our extensive experiments demonstrate that MPCViT achieves 7.9x and
2.8x latency reduction with better accuracy compared to Linformer and MPCFormer
on the Tiny-ImageNet dataset, respectively. Further, with proper knowledge
distillation (KD), MPCViT even achieves 1.9% better accuracy compared to the
baseline ViT with a 9.9x latency reduction on the Tiny-ImageNet dataset.
Comment: 6 pages, 6 figures
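The latency bottleneck the abstract describes — Softmax inside multi-head attention — can be made concrete with a toy comparison. The sketch below, in plain NumPy, contrasts standard Softmax attention with a hypothetical MPC-friendlier variant that replaces the exponential with ReLU plus sum-normalization; this illustrates the kind of attention variant the search space contains, not MPCViT's exact formulation:

```python
import numpy as np

def softmax_attention(Q, K, V):
    # Standard attention: the exp() here is what is expensive
    # to evaluate under MPC protocols.
    d = Q.shape[-1]
    scores = Q @ K.T / np.sqrt(d)
    w = np.exp(scores - scores.max(axis=-1, keepdims=True))
    w /= w.sum(axis=-1, keepdims=True)
    return w @ V

def relu_attention(Q, K, V):
    # Hypothetical MPC-friendly variant: drop the exponential and
    # normalize non-negative scores by their sum instead.
    d = Q.shape[-1]
    scores = np.maximum(Q @ K.T / np.sqrt(d), 0.0)
    w = scores / (scores.sum(axis=-1, keepdims=True) + 1e-6)
    return w @ V

rng = np.random.default_rng(0)
Q, K, V = (rng.standard_normal((4, 8)) for _ in range(3))
base = softmax_attention(Q, K, V)
fast = relu_attention(Q, K, V)
assert base.shape == fast.shape == (4, 8)
```

The two variants produce outputs of the same shape, so they are drop-in replacements for each other at any position in the network — which is what makes a per-layer heterogeneous search space possible.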
OrdinalFix: Fixing Compilation Errors via Shortest-Path CFL Reachability
The development of correct and efficient software can be hindered by
compilation errors, which must be fixed to ensure the code's syntactic
correctness and program language constraints. Neural network-based approaches
have been used to tackle this problem, but they lack guarantees of output
correctness and can require an unlimited number of modifications. Fixing
compilation errors within a given number of modifications is a challenging
task. We demonstrate that finding the minimum number of modifications to fix a
compilation error is NP-hard. To address the compilation error fixing problem,
we propose OrdinalFix, a complete algorithm based on shortest-path CFL
(context-free language) reachability with attribute checking that is guaranteed
to output a program with the minimum number of modifications required.
Specifically, OrdinalFix searches possible fixes from the smallest to the
largest number of modifications. By incorporating merged attribute checking to
enhance efficiency, the time complexity of OrdinalFix is acceptable for
application. We evaluate OrdinalFix on two datasets and demonstrate its ability
to fix compilation errors within a reasonable time limit. Compared with
existing approaches, OrdinalFix achieves a success rate of 83.5%, surpassing
the best existing approach (71.7%).
Comment: Accepted by ASE 202
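The search order described above — trying all zero-modification candidates before any one-modification candidate, and so on — can be illustrated with a breadth-first search over a toy language. This sketches only the ordering guarantee, not the CFL-reachability machinery or attribute checking that make OrdinalFix efficient on real grammars:

```python
from collections import deque

def min_fix(tokens, is_valid, edits):
    # BFS over candidate programs layered by number of modifications:
    # the first valid program found therefore uses the minimum number
    # of edits, mirroring OrdinalFix's smallest-to-largest search order.
    seen = {tuple(tokens)}
    queue = deque([(tuple(tokens), 0)])
    while queue:
        prog, cost = queue.popleft()
        if is_valid(prog):
            return list(prog), cost
        for nxt in edits(prog):
            if nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, cost + 1))
    return None

# Toy "language": balanced parentheses; the only edit is inserting
# one bracket at any position.
def is_valid(p):
    depth = 0
    for t in p:
        depth += 1 if t == "(" else -1
        if depth < 0:
            return False
    return depth == 0

def edits(p):
    for i in range(len(p) + 1):
        for t in "()":
            yield p[:i] + (t,) + p[i:]

fixed, cost = min_fix(["(", "(", ")"], is_valid, edits)
assert cost == 1  # a single insertion suffices to balance the program
```

Enumerating candidate programs this way is exponential in the number of edits; the paper's contribution is achieving the same minimality guarantee with an acceptable time complexity via shortest-path CFL reachability.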
Generalized Equivariance and Preferential Labeling for GNN Node Classification
Existing graph neural networks (GNNs) largely rely on node embeddings, which
represent a node as a vector by its identity, type, or content. However, graphs
with unattributed nodes widely exist in real-world applications (e.g.,
anonymized social networks). Previous GNNs either assign random labels to nodes
(which introduces artefacts to the GNN) or assign one embedding to all nodes
(which fails to explicitly distinguish one node from another). Further, when
these GNNs are applied to unattributed node classification problems, they have
an undesired equivariance property, which makes them fundamentally unable to
handle data with multiple possible outputs. In this paper, we analyze the
limitation of existing approaches to node classification problems. Inspired by
our analysis, we propose a generalized equivariance property and a Preferential
Labeling technique that satisfies the desired property asymptotically.
Experimental results show that our approach achieves high performance on
several unattributed node classification tasks.
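The contrast the abstract draws — a single arbitrary labeling injects artefacts, while one shared embedding cannot distinguish nodes — suggests a middle ground: sample several random labelings and keep the one the model itself scores highest. The sketch below is a hypothetical illustration of that idea; the model interface and scoring are stand-ins, not the paper's actual Preferential Labeling procedure:

```python
import random

def preferential_predict(model, graph, num_labelings=10, seed=0):
    # Sample several random labelings of the unattributed nodes and
    # return the prediction from the labeling the model prefers
    # (scores highest), rather than committing to one arbitrary
    # labeling up front.
    rng = random.Random(seed)
    best_score, best_pred = float("-inf"), None
    n = graph["num_nodes"]
    for _ in range(num_labelings):
        labeling = list(range(n))
        rng.shuffle(labeling)          # random node identifiers
        pred, score = model(graph, labeling)
        if score > best_score:
            best_score, best_pred = score, pred
    return best_pred

# Stand-in model: prediction is the labeling itself, score is a toy
# preference for labelings close to the identity permutation.
def toy_model(graph, labeling):
    score = -sum(abs(i, ) [0] - l if False else abs(i - l) for i, l in enumerate(labeling))
    return labeling, score

g = {"num_nodes": 4}
pred = preferential_predict(toy_model, g, num_labelings=20)
assert sorted(pred) == [0, 1, 2, 3]  # output is some permutation of node ids
```

As the number of sampled labelings grows, choosing the preferred labeling approximates the generalized equivariance property the paper formalizes.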
Analysis of Secure Caches using a Three-Step Model for Timing-Based Attacks
Many secure cache designs have been proposed in the literature with the aim of mitigating different types of cache timing-based attacks. However, there has so far been no systematic analysis of how these secure cache designs can, or cannot, protect against different types of timing-based attacks. To provide a means of analyzing the caches, this paper presents a novel three-step modeling approach that is used to exhaustively enumerate all the possible cache timing-based vulnerabilities. The model covers not only attacks that leverage cache accesses or flushes from the local processor core, but also attacks that leverage changes in the cache state due to cache coherence protocol actions from remote cores. Moreover, both conventional attacks and speculative execution attacks are considered. With the list of all possible cache timing vulnerabilities derived from the three-step model, this work further manually analyzes each of the existing secure cache designs to show which types of timing-based side-channel vulnerabilities each secure cache can mitigate. Based on this security analysis, the paper further summarizes different techniques gleaned from the secure cache designs and their ability to help mitigate different types of cache timing-based vulnerabilities.
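The exhaustive enumeration at the heart of the three-step model can be sketched as a Cartesian product over cache events: each candidate vulnerability is a sequence of three steps (initial cache state, an access or flush by the attacker or victim, and a timed observation). The event names below are illustrative placeholders, not the paper's exact notation:

```python
from itertools import product

# Illustrative cache events: local victim/attacker accesses and
# flushes, plus a remote invalidation via the coherence protocol.
EVENTS = ["V_access", "A_access", "V_flush", "A_flush", "remote_inv"]

def enumerate_patterns():
    # Exhaustively list every three-step event pattern; a real
    # analysis then filters these down to the patterns that actually
    # leak information through timing.
    return list(product(EVENTS, repeat=3))

patterns = enumerate_patterns()
assert len(patterns) == len(EVENTS) ** 3  # 125 candidate patterns
```

The value of the exhaustive product is completeness: because every three-step combination is generated, a secure cache design can be checked against the full vulnerability list rather than an ad hoc selection of known attacks.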
Feature Decoupling-Recycling Network for Fast Interactive Segmentation
Recent interactive segmentation methods iteratively take the source image, user
guidance, and the previously predicted mask as input, without considering the
invariant nature of the source image. As a result, extracting features from the
source image is repeated in each interaction, resulting in substantial
computational redundancy. In this work, we propose the Feature
Decoupling-Recycling Network (FDRN), which decouples the modeling components
based on their intrinsic discrepancies and then recycles components for each
user interaction. Thus, the efficiency of the whole interactive process can be
significantly improved. To be specific, we apply the Decoupling-Recycling
strategy from three perspectives to address three types of discrepancies,
respectively. First, our model decouples the learning of source image semantics
from the encoding of user guidance to process two types of input domains
separately. Second, FDRN decouples high-level and low-level features from
stratified semantic representations to enhance feature learning. Third, during
the encoding of user guidance, current user guidance is decoupled from
historical guidance to highlight the effect of current user guidance. We
conduct extensive experiments on 6 datasets from different domains and
modalities, which demonstrate the following merits of our model: 1) superior
efficiency compared with other methods, particularly advantageous in
challenging scenarios requiring long-term interactions (up to 4.25x faster),
while achieving favorable segmentation performance; 2) strong applicability to
various methods, serving as a universal enhancement technique; 3) good
cross-task generalizability, e.g., to medical image segmentation, and
robustness against misleading user guidance.
Comment: Accepted to ACM MM 202
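The first decoupling the abstract describes — separating the invariant source image from the per-interaction user guidance — amounts to caching the expensive image features across clicks. The sketch below illustrates that recycling pattern with stand-in components; it is not FDRN's actual architecture:

```python
class RecyclingSegmenter:
    # Hypothetical sketch of feature recycling: encode the invariant
    # source image once, cache the result, and re-run only the cheap
    # guidance branch on each user interaction.
    def __init__(self, image_encoder, guidance_encoder, decoder):
        self.image_encoder = image_encoder
        self.guidance_encoder = guidance_encoder
        self.decoder = decoder
        self._cached = None

    def interact(self, image, clicks):
        if self._cached is None:            # expensive path, runs once
            self._cached = self.image_encoder(image)
        g = self.guidance_encoder(clicks)   # cheap path, every click
        return self.decoder(self._cached, g)

# Toy components that just count encoder invocations.
calls = {"enc": 0}
def enc(img):
    calls["enc"] += 1
    return sum(img)

seg = RecyclingSegmenter(enc, lambda c: len(c), lambda f, g: f + g)
seg.interact([1, 2, 3], [(0, 0)])
seg.interact([1, 2, 3], [(0, 0), (1, 1)])
assert calls["enc"] == 1  # image encoded only once across interactions
```

Because the heavy image branch runs once while only the light guidance branch repeats, per-click latency shrinks as interactions accumulate — which is where the reported long-interaction speedups come from.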