User-Behavior Based Detection of Infection Onset

A major vector of computer infection is through exploiting software or design flaws in networked applications such as the browser. Malicious code can be fetched and executed on a victim’s machine without the user’s permission, as in drive-by download (DBD) attacks. In this paper, we describe a new tool called DeWare for detecting the onset of infection delivered through vulnerable applications. DeWare explores and enforces causal relationships between computer-related human behaviors and system properties, such as file-system access and process execution. Our tool can be used to provide real time protection of a personal computer, as well as for diagnosing and evaluating untrusted websites for forensic purposes. Besides the concrete DBD detection solution, we also formally define causal relationships between user actions and system events on a host. Identifying and enforcing correct causal relationships have important applications in realizing advanced and secure operating systems. We perform extensive experimental evaluation, including a user study with 21 participants, thousands of legitimate websites (for testing false alarms), as well as 84 malicious websites in the wild. Our results show that DeWare is able to correctly distinguish legitimate download events from unauthorized system events with a low false positive rate (< 1%)

Self-current induced spin-orbit torque in FeMn/Pt multilayers

Extensive efforts have been devoted to the study of spin-orbit torque in ferromagnetic metal/heavy metal bilayers and exploitation of it for magnetization switching using an in-plane current. As the spin-orbit torque is inversely proportional to the thickness of the ferromagnetic layer, sizable effect has only been realized in bilayers with an ultrathin ferromagnetic layer. Here we demonstrate that, by stacking ultrathin Pt and FeMn alternately, both ferromagnetic properties and current induced spin-orbit torque can be achieved in FeMn/Pt multilayers without any constraint on its total thickness. The critical behavior of these multilayers follows closely three-dimensional Heisenberg model with a finite Curie temperature distribution. The spin torque effective field is about 4 times larger than that of NiFe/Pt bilayer with a same equivalent NiFe thickness. The self-current generated spin torque is able to switch the magnetization reversibly without the need for an external field or a thick heavy metal layer. The removal of both thickness constraint and necessity of using an adjacent heavy metal layer opens new possibilities for exploiting spin-orbit torque for practical applications.Comment: 28 pages, 5 figure

2-Benzyl-3-hy­droxy-3-methyl-2,3-dihydro-1H-isoindol-1-one

In the title compound, C16H15NO2, the isoindoline ring system is approximately planar (mean deviation = 0.0186 Å) and makes a dihedral angle of 61.91 (4)° with the phenyl ring. In the crystal, mol­ecules form inversion dimers via pairs of O—H⋯O hydrogen bonds

Graphene field effect transistors with ferroelectric gating

Recent experiments on ferroelectric gating have introduced a novel functionality, i.e. nonvolatility, in graphene field effect transistors. A comprehensive understanding in the non-linear, hysteretic ferroelectric gating and an effective way to control it are still absent. In this letter, we quantitatively characterize the hysteretic ferroelectric gating using the reference of an independent background doping (nBG) provided by normal dielectric gating. More importantly, we prove that nBG can be used to control the ferroelectric gating by unidirectionally shifting the hysteretic ferroelectric doping in graphene. Utilizing this electrostatic effect, we demonstrate symmetrical bit writing in graphene-ferroelectric FETs with resistance change over 500% and reproducible no-volatile switching over 10^5 cycles.Comment: 5 Pages; 4 figures; two column forma

PromptCARE: Prompt Copyright Protection by Watermark Injection and Verification

Large language models (LLMs) have witnessed a meteoric rise in popularity among the general public users over the past few months, facilitating diverse downstream tasks with human-level accuracy and proficiency. Prompts play an essential role in this success, which efficiently adapt pre-trained LLMs to task-specific applications by simply prepending a sequence of tokens to the query texts. However, designing and selecting an optimal prompt can be both expensive and demanding, leading to the emergence of Prompt-as-a-Service providers who profit by providing well-designed prompts for authorized use. With the growing popularity of prompts and their indispensable role in LLM-based services, there is an urgent need to protect the copyright of prompts against unauthorized use. In this paper, we propose PromptCARE, the first framework for prompt copyright protection through watermark injection and verification. Prompt watermarking presents unique challenges that render existing watermarking techniques developed for model and dataset copyright verification ineffective. PromptCARE overcomes these hurdles by proposing watermark injection and verification schemes tailor-made for prompts and NLP characteristics. Extensive experiments on six well-known benchmark datasets, using three prevalent pre-trained LLMs (BERT, RoBERTa, and Facebook OPT-1.3b), demonstrate the effectiveness, harmlessness, robustness, and stealthiness of PromptCARE.Comment: To Appear in the 45th IEEE Symposium on Security and Privacy 2024, code is available at: https://github.com/grasses/PromptCAR

Deciphering of interactions between platinated DNA and HMGB1 by hydrogen/deuterium exchange mass spectrometry

A high mobility group box 1 (HMGB1) protein has been reported to recognize both 1,2-intrastrand crosslinked DNA by cisplatin (1,2-cis-Pt-DNA) and monofunctional platinated DNA using trans-[PtCl2(NH3)(thiazole)] (1-trans-PtTz-DNA). However, the molecular basis of recognition between the trans-PtTz-DNA and HMGB1 remains unclear. In the present work, we described a hydrogen/deuterium exchange mass spectrometry (HDX-MS) method in combination with docking simulation to decipher the interactions of platinated DNA with domain A of HMGB1. The global deuterium uptake results indicated that 1-trans-PtTz-DNA bound to HMGB1a slightly tighter than the 1,2-cis-Pt-DNA. The local deuterium uptake at the peptide level revealed that the helices I and II, and loop 1 of HMGB1a were involved in the interactions with both platinated DNA adducts. However, docking simulation disclosed different H-bonding networks and distinct DNA-backbone orientations in the two Pt-DNA-HMGB1a complexes. Moreover, the Phe37 residue of HMGB1a was shown to play a key role in the recognition between HMGB1a and the platinated DNAs. In the cis-Pt-DNA-HMGB1a complex, the phenyl ring of Phe37 intercalates into a hydrophobic notch created by the two platinated guanines, while in the trans-PtTz-DNA-HMGB1a complex the phenyl ring appears to intercalate into a hydrophobic crevice formed by the platinated guanine and the opposite adenine in the complementary strand, forming a penta-layer π–π stacking associated with the adjacent thymine and the thiazole ligand. This work demonstrates that HDX-MS associated with docking simulation is a powerful tool to elucidate the interactions between platinated DNAs and proteins

Enabling Runtime Verification of Causal Discovery Algorithms with Automated Conditional Independence Reasoning (Extended Version)

Causal discovery is a powerful technique for identifying causal relationships among variables in data. It has been widely used in various applications in software engineering. Causal discovery extensively involves conditional independence (CI) tests. Hence, its output quality highly depends on the performance of CI tests, which can often be unreliable in practice. Moreover, privacy concerns arise when excessive CI tests are performed. Despite the distinct nature between unreliable and excessive CI tests, this paper identifies a unified and principled approach to addressing both of them. Generally, CI statements, the outputs of CI tests, adhere to Pearl's axioms, which are a set of well-established integrity constraints on conditional independence. Hence, we can either detect erroneous CI statements if they violate Pearl's axioms or prune excessive CI statements if they are logically entailed by Pearl's axioms. Holistically, both problems boil down to reasoning about the consistency of CI statements under Pearl's axioms (referred to as CIR problem). We propose a runtime verification tool called CICheck, designed to harden causal discovery algorithms from reliability and privacy perspectives. CICheck employs a sound and decidable encoding scheme that translates CIR into SMT problems. To solve the CIR problem efficiently, CICheck introduces a four-stage decision procedure with three lightweight optimizations that actively prove or refute consistency, and only resort to costly SMT-based reasoning when necessary. Based on the decision procedure to CIR, CICheck includes two variants: ED-CICheck and ED-CICheck, which detect erroneous CI tests (to enhance reliability) and prune excessive CI tests (to enhance privacy), respectively. [abridged due to length limit

Selecting additional tag SNPs for tolerating missing data in genotyping

BACKGROUND: Recent studies have shown that the patterns of linkage disequilibrium observed in human populations have a block-like structure, and a small subset of SNPs (called tag SNPs) is sufficient to distinguish each pair of haplotype patterns in the block. In reality, some tag SNPs may be missing, and we may fail to distinguish two distinct haplotypes due to the ambiguity caused by missing data. RESULTS: We show there exists a subset of SNPs (referred to as robust tag SNPs) which can still distinguish all distinct haplotypes even when some SNPs are missing. The problem of finding minimum robust tag SNPs is shown to be NP-hard. To find robust tag SNPs efficiently, we propose two greedy algorithms and one linear programming relaxation algorithm. The experimental results indicate that (1) the solutions found by these algorithms are quite close to the optimal solution; (2) the genotyping cost saved by using tag SNPs can be as high as 80%; and (3) genotyping additional tag SNPs for tolerating missing data is still cost-effective. CONCLUSION: Genotyping robust tag SNPs is more practical than just genotyping the minimum tag SNPs if we can not avoid the occurrence of missing data. Our theoretical analysis and experimental results show that the performance of our algorithms is not only efficient but the solution found is also close to the optimal solution