Memory-Based High-Level Synthesis Optimizations Security Exploration on the Power Side-Channel

High-level synthesis (HLS) allows hardware designers to think algorithmically and not worry about low-level, cycle-by-cycle details. This provides the ability to quickly explore the architectural design space and tradeoffs between resource utilization and performance. Unfortunately, security evaluation is not a standard part of the HLS design flow. In this article, we aim to understand the effects of memory-based HLS optimizations on power side-channel leakage. We use Xilinx Vivado HLS to develop different cryptographic cores, implement them on a Spartan-6 FPGA, and collect power traces. We evaluate the designs with respect to resource utilization, performance, and information leakage through power consumption. We have two important observations and contributions. First, the choice of resource optimization directive results in different levels of side-channel vulnerabilities. Second, the partitioning optimization directive can greatly compromise the hardware cryptographic system through power side-channel leakage due to the deployment of memory control logic. We describe an evaluation procedure for power side-channel leakage and use it to make best-effort recommendations about how to design more secure architectures in the cryptographic domain

The Research of QoS Approach in Web Servers

Proportional Delay Guarantee has been widely used in the Web QoS service, and the most basic methods are the feedback of control theory and the predictive control of queuing theory. While the former belonging to passive control has a long setting time and imperfect real-time, the latter can not simulate the Web server queuing system well because of the model limitations. After the experimental verification and shortages analysis of the two methods, an improved approach is proposed in this paper. Based on the queuing feature of Web server and the HTTP 1.1 persistent connection, the improved approach predicts the delay by calculating the queue length and service rate and achieves the relative delay guarantee of different classes by adjusting their quota of worker threads. The experimental results demonstrate that the approach could maintain the relative delay guarantees well even in poor network environment and performs a much better superior compared with the traditional methods

Feedback Control-based Database Connection Management for Proportional Delay Differentiation-enabled Web Application Servers

Abstract. As an important differentiated service model, proportional delay differentiation (PDD) aims to maintain the queuing delay ratio between different classes of requests or packets according to pre-specified parameters. This paper considers providing PDD service in web application servers through feedback control-based database connection management. To achieve this goal, an approximate linear time-invariant model of the database connection pool (DBCP) is identified experimentally and used to design a proportional-integral (PI) controller. Periodically the controller is invoked to calculate and adjust the probabilities for different classes of dynamic requests to use database connections, according to the error between the measured delay ratio and the reference value. Three kinds of workloads, which follow deterministic, uniform and heavy-tailed distributions respectively, are designed to evaluate the performance of the closed-loop system. Experiment results indicate that, the controller is effective in handling varying workloads, and PDD can be achieved in the DBCP even if the number of concurrent dynamic requests changes abruptly under different kinds of workloads

FDD LTE Performance Simulation Based on Massive Antenna Array

There are two methodologies to realize 3D MIMO for FDD LTE, MU-MIMO-based virtual beam (VB), and four-cell soft-split cell (SSC), which beamforms four logical cells in one physical sector, and this paper is aimed at figuring out which brings more performance between VB and SSC. In the first place, brief introduction for the mechanism of VB and SSC are presented. Subsequently, detailed systematic simulations based on WINNER II are carried out based on different traffic models (low load, medium load, and high load) and user distribution is also considered. For accurate evaluation on the performance gain of VB and SSC, 4T4R solution is also simulated as the benchmark, which is widely deployed to improve the capacity of FDD LTE by operators. Based on the simulation of results of the subsequent KPIs, cell throughput, average cell throughput, average UE throughput, and average layer number, VB and SSC effectively increase single-cell capacity and user experience in high load scenario compared with 4T3S solution and VB can bring more gain

Study of Reversible Information Hiding Scheme Based on GHM and ASA

Information hiding based on digital images is still the mainstream now. In this paper, using first-order transformation of GHM multi-wavelet, carrier image is decomposed into four components of lowest resolution sub-image. These four components are processed by ASA (Annulus Sector Analysis) to obtain embedding areas. Information hiding follows two rules: First, satisfies four components energy distributed feature of GHM multi-wavelet first-order sub-images. That means embedding robust parameters LL1 in, embedding pre-hiding information by RAID4 method in LH1 and HL1 , embedding fragile identifier HH1 in. Second, use two or more annulus to embed data symmetrically. Moreover, using Logistic chaotic map and genetic algorithm to adjust sequence of embedded data and LSB is checked by MSB. Experimental results show that the invisibility of this scheme is of 3.65% average increase and excellent perception to distortion. Robustness is improved by 11.06% at least. This scheme has a good robustness against, cutting, mean and medium filteringespecially can completely resist rotation

A Confidential Communication-Oriented Information Hiding Algorithm based on GHM multi-wavelet and DCT

Structure and energy properties of carrier are considered as the most important factors to information hiding performance. This paper develops a new method to analyze energy and structure characteristics of digital images in order to preprocess the carriers. We adopt GHM multi-wavelet transformation to decompose the cover image into sub-images with different energy level. Then we obtain the embedding regions which are expressed as numerical range by discrete cosine transform. We embed data with different robustness in different regions. Then we get the stego image which is rarely changed in energy and structure properties compared with the original cover image. Experimental results indicate that the invisibility and robustness can be increased separately by 26.87% and 19.25% averagely, and the ability against steganalysis such as RS and Higher Order Statistics based on wavelet coefficients can be improved. Moreover, our algorithm has excellent sensitivity of image processing

Energy-Efficient Coverage Quality Guaranteed in Wireless Sensors Network

Wireless sensor network is always deployed randomly in specific area for intrusion detection and environmental monitoring. Due to the hostile environment, the sensor nodes could not be replaced easily. The efficient energy consumption scheme is known to be more and more important. Meanwhile, saving the energy could not impact the coverage quality. Connecting proper sensors adaptively as a barrier for monitoring is a good solution for both maximizing network lifetime and providing predetermined coverage ratio. The simulation results demonstrate that the algorithms can effectively reduce the energy consumption of the wireless sensor network and also keep the coverage quality on a high level

Unix Domain Sockets Applied in Android Malware Should Not Be Ignored

Increasingly, malicious Android apps use various methods to steal private user data without their knowledge. Detecting the leakage of private data is the focus of mobile information security. An initial investigation found that none of the existing security analysis systems can track the flow of information through Unix domain sockets to detect the leakage of private data through such sockets, which can result in zero-day exploits in the information security field. In this paper, we conduct the first systematic study on Unix domain sockets as applied in Android apps. Then, we identify scenarios in which such apps can leak private data through Unix domain sockets, which the existing dynamic taint analysis systems do not catch. Based on these insights, we propose and implement JDroid, a taint analysis system that can track information flows through Unix domain sockets effectively to detect such privacy leaks