Orbital obliquities of transiting planets from starspot occultations

When a planet passes in front of a starspot during a transit of its host star, it causes a small upward blip in the light curve. Modelling the transit with the starspot allows the size, brightness and position of the spot to be measured. If the same spot can be observed in two different transits, it is possible to track the motion of the spot due to the rotation of the star. The rotation period and velocity of the star (Prot and Vsini) and the sky-projected orbital obliquity of the system (lambda) can then be determined. If one has three or more observations of the same spot, the true orbital obliquity (psi) can be measured. We are performing this analysis for a number of cool stars orbited by transiting planets. We present our results so far and compile a catalogue of lambda and psi measurements from spot crossing events. The method is particularly useful for cool stars, and is therefore complementary to studies of the Rossiter-McLaughlin effect, which perform better on hotter and faster-rotating stars.Comment: Poster presentation at Cool Stars 19, Uppsala, June 2016. 6 pages, 6 figures, 1 table. To be published by Zenod

Gravitational Lensing by Black Holes: a comprehensive treatment and the case of the star S2

Light rays passing very close to a black hole may experience very strong deviations. Two geometries were separately considered in the recent literature: a source behind the black hole (standard gravitational lensing); a source in front of the black hole (retro-lensing). In this paper we start from the Strong Field Limit approach to recover both situations under the same formalism, describing not only the two geometries just mentioned but also any intermediate possible configurations of the system source-lens-observer, without any small-angle limitations. This is done for any spherically symmetric black holes and for the equatorial plane of Kerr black holes. In the light of this formalism we revisit the previous literature on retro-lensing, sensibly improving the observational estimates. In particular, for the case of the star S2, we give sharp predictions for the magnitude of the relativistic images and the time of their highest brightness, which should occur at the beginning of year 2018. The observation of such images would open fascinating perspectives on the measure of the physical parameters of the central black hole, including mass, spin and distance

RADIS: Remote Attestation of Distributed IoT Services

Remote attestation is a security technique through which a remote trusted party (i.e., Verifier) checks the trustworthiness of a potentially untrusted device (i.e., Prover). In the Internet of Things (IoT) systems, the existing remote attestation protocols propose various approaches to detect the modified software and physical tampering attacks. However, in an interoperable IoT system, in which IoT devices interact autonomously among themselves, an additional problem arises: a compromised IoT service can influence the genuine operation of other invoked service, without changing the software of the latter. In this paper, we propose a protocol for Remote Attestation of Distributed IoT Services (RADIS), which verifies the trustworthiness of distributed IoT services. Instead of attesting the complete memory content of the entire interoperable IoT devices, RADIS attests only the services involved in performing a certain functionality. RADIS relies on a control-flow attestation technique to detect IoT services that perform an unexpected operation due to their interactions with a malicious remote service. Our experiments show the effectiveness of our protocol in validating the integrity status of a distributed IoT service.Comment: 21 pages, 10 figures, 2 table

Microlensing towards the LMC revisited by adopting a non-Gaussian velocity distribution for the sources

We discuss whether the Gaussian is a reasonable approximation of the velocity distribution of stellar systems that are not spherically distributed. By using a non-Gaussian velocity distribution to describe the sources in the Large Magellanic Cloud (LMC), we reinvestigate the expected microlensing parameters of a lens population isotropically distributed either in the Milky Way halo or in the LMC (self lensing). We compare our estimates with the experimental results of the MACHO collaboration. An interesting result that emerges from our analysis is that, moving from the Gaussian to the non-Gaussian case, we do not observe any change in the form of the distribution curves describing the rate of microlensing events for lenses in the Galactic halo. The corresponding expected timescales and number of expected events also do not vary. Conversely, with respect to the self-lensing case, we observe a moderate increase in the rate and number of expected events. We conclude that the error in the estimate of the most likely value for the MACHO mass and the Galactic halo fraction in form of MACHOs, calculated with a Gaussian velocity distribution for the LMC sources, is not higher than 2%.Comment: 5 pages, 2 figures, to appear on Astronomy & Astrophysic

Know Your Enemy: Stealth Configuration-Information Gathering in SDN

Software Defined Networking (SDN) is a network architecture that aims at providing high flexibility through the separation of the network logic from the forwarding functions. The industry has already widely adopted SDN and researchers thoroughly analyzed its vulnerabilities, proposing solutions to improve its security. However, we believe important security aspects of SDN are still left uninvestigated. In this paper, we raise the concern of the possibility for an attacker to obtain knowledge about an SDN network. In particular, we introduce a novel attack, named Know Your Enemy (KYE), by means of which an attacker can gather vital information about the configuration of the network. This information ranges from the configuration of security tools, such as attack detection thresholds for network scanning, to general network policies like QoS and network virtualization. Additionally, we show that an attacker can perform a KYE attack in a stealthy fashion, i.e., without the risk of being detected. We underline that the vulnerability exploited by the KYE attack is proper of SDN and is not present in legacy networks. To address the KYE attack, we also propose an active defense countermeasure based on network flows obfuscation, which considerably increases the complexity for a successful attack. Our solution offers provable security guarantees that can be tailored to the needs of the specific network under consideratio

No NAT'd User left Behind: Fingerprinting Users behind NAT from NetFlow Records alone

It is generally recognized that the traffic generated by an individual connected to a network acts as his biometric signature. Several tools exploit this fact to fingerprint and monitor users. Often, though, these tools assume to access the entire traffic, including IP addresses and payloads. This is not feasible on the grounds that both performance and privacy would be negatively affected. In reality, most ISPs convert user traffic into NetFlow records for a concise representation that does not include, for instance, any payloads. More importantly, large and distributed networks are usually NAT'd, thus a few IP addresses may be associated to thousands of users. We devised a new fingerprinting framework that overcomes these hurdles. Our system is able to analyze a huge amount of network traffic represented as NetFlows, with the intent to track people. It does so by accurately inferring when users are connected to the network and which IP addresses they are using, even though thousands of users are hidden behind NAT. Our prototype implementation was deployed and tested within an existing large metropolitan WiFi network serving about 200,000 users, with an average load of more than 1,000 users simultaneously connected behind 2 NAT'd IP addresses only. Our solution turned out to be very effective, with an accuracy greater than 90%. We also devised new tools and refined existing ones that may be applied to other contexts related to NetFlow analysis

No Place to Hide that Bytes won't Reveal: Sniffing Location-Based Encrypted Traffic to Track a User's Position

News reports of the last few years indicated that several intelligence agencies are able to monitor large networks or entire portions of the Internet backbone. Such a powerful adversary has only recently been considered by the academic literature. In this paper, we propose a new adversary model for Location Based Services (LBSs). The model takes into account an unauthorized third party, different from the LBS provider itself, that wants to infer the location and monitor the movements of a LBS user. We show that such an adversary can extrapolate the position of a target user by just analyzing the size and the timing of the encrypted traffic exchanged between that user and the LBS provider. We performed a thorough analysis of a widely deployed location based app that comes pre-installed with many Android devices: GoogleNow. The results are encouraging and highlight the importance of devising more effective countermeasures against powerful adversaries to preserve the privacy of LBS users.Comment: 14 pages, 9th International Conference on Network and System Security (NSS 2015

Hacking Smart Machines with Smarter Ones: How to Extract Meaningful Data from Machine Learning Classifiers

Machine Learning (ML) algorithms are used to train computers to perform a variety of complex tasks and improve with experience. Computers learn how to recognize patterns, make unintended decisions, or react to a dynamic environment. Certain trained machines may be more effective than others because they are based on more suitable ML algorithms or because they were trained through superior training sets. Although ML algorithms are known and publicly released, training sets may not be reasonably ascertainable and, indeed, may be guarded as trade secrets. While much research has been performed about the privacy of the elements of training sets, in this paper we focus our attention on ML classifiers and on the statistical information that can be unconsciously or maliciously revealed from them. We show that it is possible to infer unexpected but useful information from ML classifiers. In particular, we build a novel meta-classifier and train it to hack other classifiers, obtaining meaningful information about their training sets. This kind of information leakage can be exploited, for example, by a vendor to build more effective classifiers or to simply acquire trade secrets from a competitor's apparatus, potentially violating its intellectual property rights