Publications
The Blavatnik ICRC prides itself on facilitating interdisciplinary and global cyber scientific research.
The cumulative outputs of the funded research are listed in ascending alphabetical order.
Author: Adamsky, Dmitry
Year: 2017
Title: The Israeli Odyssey toward its National Cyber Security Strategy
Journal: The Washington Quarterly
Volume: 40
Issue: 2
Pages: 113-127
Start Page: 113
Date: 2017/04/03
ISSN: 0163-660X
DOI: 10.1080/0163660X.2017.1328928
URL: http://dx.doi.org/10.1080/0163660X.2017.1328928
Author: Adamsky, Dmitry
Year: 2018
Title: From Moscow with coercion: Russian deterrence theory and strategic culture
Journal: Journal of Strategic Studies
Volume: 41
Issue: 1-2
Pages: 33-60
Start Page: 33
Date: 2018/02/23
ISSN: 0140-2390
DOI: 10.1080/01402390.2017.1347872
Abstract: The recent Russian approach to strategy has linked nuclear, conventional and informational (cyber) tools of influence into one integrated mechanism. The article traces the intellectual history of this Russian cross-domain concept, discusses its essence and highlights its destabilising effects. By analysing a case outside of Western strategic thought, it demonstrates how strategic concepts evolve differently in various cultural realms and argues for a tailored approach for exploring coercion policies of different actors. The findings of the study are applicable beyond the Russian case, and relevant to scholars and actors exploring, utilising or responding to cross-domain coercion strategy.
URL: https://doi.org/10.1080/01402390.2017.1347872
Author: Afek, Yehuda, Bremler-Barr, Anat, Cohen, Edith, Feibish, Shir Landau and Shagam, Michal
Year: 2016
Title: Efficient Distinct Heavy Hitters for DNS DDoS Attack Detection
Journal: arXiv preprint arXiv:1612.02636
URL: https://arxiv.org/abs/1612.02636
Author: Afek, Yehuda, Bremler-Barr, Anat and Landau-Feibish, Shira
Year: 2019
Title: Zero-Day Signature Extraction for High-Volume Attacks
Journal: IEEE/ACM Transactions on Networking
Volume: 27
Issue: 2
Pages: 691-706
Start Page: 691
ISSN: 1063-6692
DOI: 10.1109/TNET.2019.2899124
Keywords: Computer crime, Tools, Malware, IEEE transactions, Computer science, Grippers, High volume attacks, DDoS, zero-day attacks, signature extraction, heavy hitters
Abstract: We present a basic tool for zero day attack signature extraction. Given two large sets of messages, $P$ the messages captured in the network at peacetime (i.e., mostly legitimate traffic) and $A$ the messages captured during attack time (i.e., contains many attack messages), we present a tool for extracting a set $S$ of strings that are frequently found in $A$ and not in $P$, thus allowing the identification of the attack packets. This is an important tool in protecting sites on the Internet from worm attacks and distributed denial of service attacks and may also be useful for other problems, including command and control identification and the DNA-sequences analysis. The main contributions of this paper are the system we developed to extract the required signatures together with the string-heavy hitters problem definition and the algorithm for solving this problem. This algorithm finds popular strings of variable length in a set of messages, using, in a tricky way, the classic heavy-hitter algorithm as a building block. The algorithm runs in linear time requiring one-pass over the input. Our system makes use of this algorithm to extract the desired signatures. Furthermore, we provide an extended algorithm which is able to identify groups of signatures, often found together in the same packets, which further improves the quality of signatures generated by our system. Using our system, a yet unknown attack can be detected and stopped within minutes from attack start time.
URL: https://ieeexplore.ieee.org/abstract/document/8661792
https://doi.org/10.1109/TNET.2019.2899124
Title: Maintaining the Union of Unit Discs under Insertions with Near-Optimal Overhead
Journal: arXiv preprint arXiv:1903.10943
Abstract: We present efficient data structures for problems on unit discs and arcs of their boundary in the plane. (i) We give an output-sensitive algorithm for the dynamic maintenance of the union of $n$ unit discs under insertions in $O(k\log^2 n)$ update time and $O(n)$ space, where $k$ is the combinatorial complexity of the structural change in the union due to the insertion of the new disc. (ii) As part of the solution of (i) we devise a fully dynamic data structure for the maintenance of lower envelopes of pseudo-lines, which we believe is of independent interest. The structure has $O(\log^2 n)$ update time and $O(\log n)$ vertical ray shooting query time. To achieve this performance, we devise a new algorithm for finding the intersection between two lower envelopes of pseudo-lines in $O(\log n)$ time, using tentative binary search; the lower envelopes are special in that at $x=-\infty$ any pseudo-line contributing to the first envelope lies below every pseudo-line contributing to the second envelope. (iii) We also present a dynamic range searching structure for a set of circular arcs of unit radius (not necessarily on the boundary of the union of the corresponding discs), where the ranges are unit discs, with $O(n\log n)$ preprocessing time, $O(n^{1/2+\varepsilon}+\ell)$ query time and $O(\log^2 n)$ amortized update time, where $\ell$ is the size of the output and for any $\varepsilon>0$. The structure requires $O(n)$ storage space.
URL: https://arxiv.org/abs/1903.10943
Author: Agarwal, Pankaj K., Cohen, Ravid, Halperin, Dan and Mulzer, Wolfgang
Year: 2019
Title: Dynamic Maintenance of the Lower Envelope of Pseudo-Lines
Conference Name: CoRR European conference on Computational Geometry
Volume: abs/1902.09565
URL: http://arxiv.org/abs/1902.09565
Author: Akavia, Adi, Leibovich, Max, Resheff, Yehezkel S, Ron, Roey, Shahar, Moni and Vald, Margarita
Year: 2019
Title: Privacy-Preserving Decision Tree Training and Prediction against Malicious Server
Journal: IACR Cryptology ePrint report 2019/1282
Abstract: Privacy-preserving machine learning enables secure outsourcing of machine learning tasks to an untrusted service provider (server) while preserving the privacy of the user's data (client). Attaining good concrete efficiency for complicated machine learning tasks, such as training decision trees, is one of the challenges in this area. Prior works on privacy-preserving decision trees required the parties to have comparable computational resources, and instructed the client to perform computation proportional to the complexity of the entire task. In this work we present new protocols for privacy-preserving decision trees, for both training and prediction, achieving the following desirable properties: 1. Efficiency: the client's complexity is independent of the training-set size during training, and of the tree size during prediction. 2. Security: privacy holds against malicious servers. 3. Practical usability: high accuracy, fast prediction, and feasible training demonstrated on standard UCI datasets, encrypted with fully homomorphic encryption. To the best of our knowledge, our protocols are the first to offer all these properties simultaneously. The core of our work consists of two technical contributions. First, a new low-degree polynomial approximation for functions, leading to faster protocols for training and prediction on encrypted data. Second, a design of an easy-to-use mechanism for proving privacy against malicious adversaries that is suitable for a wide family of protocols, and in particular, our protocols; this mechanism could be of independent interest.
URL: ia.cr/2019/1282
https://eprint.iacr.org/2019/1282.pdf
Author: Akavia, Adi, Shaul, Hayim, Weiss, Mor and Yakhini, Zohar
Year: 2019
Title: Linear-Regression on Packed Encrypted Data in the Two-Server Model
Conference Name: WAHC'19: 7th ACM Workshop on Encrypted Computing & Applied Homomorphic Cryptography
Conference Location: London, United Kingdom
Publisher: Association for Computing Machinery
Pages: 21–32
Date: November
DOI: 10.1145/3338469.3358942
Keywords: homomorphic encryption, privacy-preserving machine learning, rlwe, packing, linear regression, single instruction multiple data
Abstract: Developing machine learning models from federated training data, containing many independent samples, is an important task that can significantly enhance the potential applicability and prediction power of learned models. Since single users, like hospitals or individual labs, typically collect data-sets that do not support accurate learning with high confidence, it is desirable to combine data from several users without compromising data privacy. In this paper, we develop a privacy-preserving solution for learning a linear regression model from data collectively contributed by several parties ("data owners"). Our protocol is based on the protocol of Giacomelli et al. (ACNS 2018) that utilized two non colluding servers and Linearly Homomorphic Encryption (LHE) to learn regularized linear regression models. Our methods use a different LHE scheme that allows us to significantly reduce both the number and runtime of homomorphic operations, as well as the total runtime complexity. Another advantage of our protocol is that the underlying LHE scheme is based on a different (and post-quantum secure) security assumption than Giacomelli et al. Our approach leverages the Chinese Remainder Theorem, and Single Instruction Multiple Data representations, to obtain our improved performance. For a 1000 x 40 linear regression task we can learn a model in a total of 3 seconds for the homomorphic operations, compared to more than 100 seconds reported in the literature. Our approach also scales up to larger feature spaces: we implemented a system that can handle a 1000 x 100 linear regression task, investing minutes of server computing time after a more significant offline pre-processing by the data owners. We intend to incorporate our protocol and implementations into a comprehensive system that can handle secure federated learning at larger scales.
URL: https://doi.org/10.1145/3338469.3358942
Author: Alon, Noga, Azar, Yossi and Berlin, Mark
Year of Conference: 2018
Title: The Price of Bounded Preemption
Conference Name: Proceedings of the 30th on Symposium on Parallelism in Algorithms and Architectures
Publisher: ACM
Pages: 301-310
ISBN: 1450357997
URL: https://www.tau.ac.il/~nogaa/PDFS/preemption1.pdf
Author: Amar, Hen, Bao, Lingfeng, Busany, Nimrod, Lo, David and Maoz, Shahar
Year: 2018
Title: Using finite-state models for log differencing
Conference Name: Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering
Conference Location: Lake Buena Vista, FL, USA
Publisher: ACM
Pages: 49-59
DOI: 10.1145/3236024.3236069
Author: Amir, Eli, Levi, Shai and Livne, Tsafrir
Year: 2018
Title: Do firms underreport information on cyber-attacks? Evidence from capital markets
Journal: Review of Accounting Studies
Volume: 23
Issue: 3
Pages: 1177-1206
Start Page: 1177
Date: September 01
Type of Article: journal article
ISSN: 1573-7136
DOI: 10.1007/s11142-018-9452-4
Abstract: Firms should disclose information on material cyber-attacks. However, because managers have incentives to withhold negative information, and investors cannot discover most cyber-attacks independently, firms may underreport them. Using data on cyber-attacks that firms voluntarily disclosed, and those that were withheld and later discovered by sources outside the firm, we estimate the extent to which firms withhold information on cyber-attacks. We find withheld cyber-attacks are associated with a decline of approximately 3.6% in equity values in the month the attack is discovered, and disclosed attacks with a substantially lower decline of 0.7%. The evidence is consistent with managers not disclosing negative information below a certain threshold and withholding information on the more severe attacks. Using the market reactions to withheld and disclosed attacks, we estimate that managers disclose information on cyber-attacks when investors already suspect a high likelihood (40%) of an attack.
URL: https://doi.org/10.1007/s11142-018-9452-4
Author: Applebaum, Benny and Arkis, Barak
Year of Conference: 2018
Title: On the power of amortization in secret sharing: d-uniform secret sharing and CDS with constant information rate
Conference Name: TCC Theory of Cryptography Conference
Conference Location: Panaji, India
Publisher: Springer
Pages: 317-344
DOI: https://doi.org/10.1007/978-3-030-03807-6_12
Author: Applebaum, Benny, Holenstein, Thomas, Mishra, Manoj and Shayevitz, Ofer
Year of Conference: 2018
Title: The Communication Complexity of Private Simultaneous Messages, Revisited
Editor: Nielsen, Jesper Buus and Rijmen, Vincent
Conference Name: Advances in Cryptology–EUROCRYPT 2018: 37th Annual International Conference on the Theory and Applications of Cryptographic Techniques
Conference Location: Tel Aviv, Israel
Publisher: Springer
Volume: 10821
Pages: 261
Series Title: Lecture Notes in Computer Science
Date: April 29-May 3
ISBN: 3319783750
URL: https://www.springer.com/gp/book/9783319783802
Author: Applebaum, Benny, Holenstein, Thomas, Mishra, Manoj and Shayevitz, Ofer
Year: 2019
Title: The communication complexity of private simultaneous messages, revisited
Journal: Journal of Cryptology
Pages: 1-37
Date: 17 September
ISSN: 1432-1378
Keywords: Information theoretic security; Private simultaneous messages; Conditional disclosure of secrets
Abstract: Private Simultaneous Message (PSM) protocols were introduced by Feige, Kilian and Naor (STOC ’94) as a minimal non-interactive model for information-theoretic three-party secure computation. While it is known that every function $f:\{0,1\}^k\times\{0,1\}^k\to\{0,1\}$ admits a PSM protocol with exponential communication of $2^{k/2}$ (Beimel et al., TCC ’14), the best known (non-explicit) lower-bound is $3k-O(1)$ bits. To prove this lower-bound, FKN identified a set of simple requirements, showed that any function that satisfies these requirements is subject to the $3k-O(1)$ lower-bound, and proved that a random function is likely to satisfy the requirements.
We revisit the FKN lower-bound and prove the following results:
(Counterexample) We construct a function that satisfies the FKN requirements but has a PSM protocol with communication of 2k+O(1) bits, revealing a gap in the FKN proof.
(PSM lower-bounds) We show that, by imposing additional requirements, the FKN argument can be fixed leading to a $3k-O(\log k)$ lower-bound for a random function. We also get a similar lower-bound for a function that can be computed by a polynomial-size circuit (or even polynomial-time Turing machine under standard complexity-theoretic assumptions). This yields the first non-trivial lower-bound for an explicit Boolean function partially resolving an open problem of Data, Prabhakaran and Prabhakaran (Crypto ’14, IEEE Information Theory ’16). We further extend these results to the setting of imperfect PSM protocols which may have small correctness or privacy error.
(CDS lower-bounds) We show that the original FKN argument applies (as is) to some weak form of PSM protocols which are strongly related to the setting of Conditional Disclosure of Secrets (CDS). This connection yields a simple combinatorial criterion for establishing linear $\Omega(k)$-bit CDS lower-bounds. As a corollary, we settle the complexity of the Inner Product predicate resolving an open problem of Gay, Kerenidis, and Wee (Crypto ’15).
Notes: We are grateful to the reviewers of Eurocrypt 2018 and the Journal of Cryptology for the helpful and valuable comments on our manuscript. We especially thank the anonymous JOC referee for detecting a flaw in the original proof of Claims 9 and 13. BA and MM are supported by the European Union’s Horizon 2020 Programme (ERC-StG-2014-2020) under grant agreement no. 639813 ERC-CLC, the Check Point Institute for Information Security, and the Blavatnik Interdisciplinary Cyber Research Center. OS and MM are supported by the European Research Council, under Grant Agreement 639573.
URL: https://doi.org/10.1007/s00145-019-09334-y
Author: Arad, Ayala and Penczynski, Stefan
Year: 2018
Title: Multi‐Dimensional Reasoning in Competitive Resource Allocation Games: Evidence from Intra-Team Communication
Conference Name: Society for the Advancement of Behavioral Economics (SABE) - International Association for Research in Economic Psychology (IAREP) Conference
Conference Location: London
Date: July 20
URL: https://economics.mdx.ac.uk/sabe-2018/program/#papers
Author: Arad, Ayala and Rubinstein, Ariel
Year: 2019
Title: Multidimensional Reasoning in Games: Framework, Equilibrium, and Applications
Journal: American Economic Journal: Microeconomics
Volume: 11
Issue: 3
Pages: 285-318
Start Page: 285
ISSN: 1945-7669, 1945-7685
DOI: 10.1257/mic.20170322
URL: http://www.aeaweb.org/articles?id=10.1257/mic.20170322
https://m.tau.ac.il/~aradayal/MD.pdf
Author: Atias, Aviel, Solovey, Kiril, Salzman, Oren and Halperin, Dan
Year: 2018
Title: Effective metrics for multi-robot motion-planning
Journal: The International Journal of Robotics Research
Volume: 37
Issue: 13-14
Pages: 1741-1759
Start Page: 1741
Date: 2018/12/01
ISSN: 0278-3649
DOI: 10.1177/0278364918784660
Abstract: We study the effectiveness of metrics for multi-robot motion-planning (MRMP) when using rapidly-exploring random tree (RRT)-style sampling-based planners. These metrics play the crucial role of determining the nearest neighbors of configurations and in that they regulate the connectivity of the underlying roadmaps produced by the planners and other properties such as the quality of solution paths. After screening over a dozen different metrics we focus on the five most promising ones: two more traditional metrics, and three novel ones, which we propose here, adapted from the domain of shape-matching. In addition to the novel multi-robot metrics, a central contribution of this work are tools to analyze and predict the effectiveness of metrics in the MRMP context. We identify a suite of possible substructures in the configuration space, for which it is fairly easy: (i) to define a so-called natural distance that allows us to predict the performance of a metric, which is done by comparing the distribution of its values for sampled pairs of configurations to the distribution induced by the natural distance; and (ii) to define equivalence classes of configurations and test how well a metric covers the different classes. We provide experiments that attest to the ability of our tools to predict the effectiveness of metrics: those metrics that qualify in the analysis yield higher success rate of the planner with fewer vertices in the roadmap. We also show how combining several metrics together may lead to better results (success rate and size of roadmap) than using a single metric.
URL: https://doi.org/10.1177/0278364918784660
Access Date: 2020/03/19
Author: Aviram, Nimrod, Schinzel, Sebastian, Somorovsky, Juraj, Heninger, Nadia, Dankel, Maik, Steube, Jens, Valenta, Luke, Adrian, David, Halderman, J Alex and Dukhovni, Viktor
Year of Conference: 2016
Title: DROWN: Breaking TLS Using SSLv2
Conference Name: USENIX Security Symposium
Pages: 689-706
URL: https://ai.google/research/pubs/pub45538
https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/aviram
Author: Azar, Yossi, Chiplunkar, Ashish and Kaplan, Haim
Year of Conference: 2018
Title: Prophet secretary: Surpassing the 1-1/e barrier
Conference Name: Proceedings of the 2018 ACM Conference on Economics and Computation
Publisher: ACM
Pages: 303-318
ISBN: 1450358292
DOI: https://doi.org/10.1145/3219166.3219182
URL: https://arxiv.org/pdf/1711.01834
Author: Azar, Yossi, Cohen, Ilan Reuven and Panigrahi, Debmalya
Year of Conference: 2018
Title: Randomized algorithms for online vector load balancing
Conference Name: Proceedings of the Twenty-Ninth Annual ACM-SIAM Symposium on Discrete Algorithms
Publisher: Society for Industrial and Applied Mathematics
Pages: 980-991
ISBN: 1611975034
URL: https://dl.acm.org/citation.cfm?id=3175333
https://www.dcs.warwick.ac.uk/~czumaj/SODA_2018_List_of_accepted_papers.htm
Author: Azar, Yossi, Kamara, Seny, Menache, Ishai, Raykova, Mariana and Shepard, Bruce
Year: 2014
Title: Co-Location-Resistant Clouds
Conference Name: Proceedings of the 6th ACM Workshop on Cloud Computing Security
Conference Location: Scottsdale, Arizona, USA
Publisher: ACM
Pages: 9-20
DOI: 10.1145/2664168.2664179
URL: https://dl.acm.org/citation.cfm?id=2664179
Author: Azar, Yossi and Vainstein, Danny
Year of Conference: 2017
Title: Tight bounds for clairvoyant dynamic bin packing
Conference Name: Proceedings of the 29th ACM Symposium on Parallelism in Algorithms and Architectures
Publisher: ACM
Pages: 77-86
ISBN: 145034593X
DOI: https://doi.org/10.1145/3087556.3087570
URL: https://dl.acm.org/citation.cfm?id=3087570
Author: Bao, Lingfeng, Busany, Nimrod, Lo, David and Maoz, Shahar
Year of Conference: 2019
Title: Statistical Log Differencing
Conference Name: 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE)
Pages: 851-862
Date: 11-15 Nov. 2019
ISBN: 2643-1572
DOI: 10.1109/ASE.2019.00084
Keywords: program testing, statistical testing, system monitoring, statistical log differencing, statistical hypothesis testing, statistical significance value, statistically significant differences, real-world logs, software evolution, software testing, software security, s2KDiff, snKDiff, Log analysis, Model inference
Abstract: Recent works have considered the problem of log differencing: given two or more system's execution logs, output a model of their differences. Log differencing has potential applications in software evolution, testing, and security. In this paper we present statistical log differencing, which accounts for frequencies of behaviors found in the logs. We present two algorithms, s2KDiff for differencing two logs, and snKDiff, for differencing of many logs at once, both presenting their results over a single inferred model. A unique aspect of our algorithms is their use of statistical hypothesis testing: we let the engineer control the sensitivity of the analysis by setting the target distance between probabilities and the statistical significance value, and report only (and all) the statistically significant differences. Our evaluation shows the effectiveness of our work in terms of soundness, completeness, and performance. It also demonstrates its effectiveness compared to previous work via a user-study and its potential applications via a case study using real-world logs.
URL: https://ieeexplore.ieee.org/document/8952205
Author: Baram, Gil, Cohen, Daniel, Shapira, Zeev, Wechsler, Omree, Hight, Nir and Ben-Israel, Isaac
Year: 2018
Title: Strategic trends in the global cyber conflict
Journal: Cyber Security: A Peer-Reviewed Journal
Volume: 2
Issue: 3
Pages: 238-250
Keywords: cyber security, China, Europe, conflict, United States, Russia
Abstract: The paper reviews the main strategic trends in cyber policy and security in recent years, pointing out the emergence of a new ‘cyber escalation cycle’: while states are investing significant resources to improve their offensive cyber capabilities, these capabilities are subsequently being stolen, publicised and used by hostile countries to launch devastating cyberattacks. This has led governments to pursue legislation to control incoming technology, changing the technological relations between countries. Given the development of enhanced cyber capabilities and the effectiveness of the attacks, we believe that leakage followed by immediate use of the leaked offensive cyber weapons against rival countries will only increase, making this issue even more contentious.
URL: https://www.ingentaconnect.com/content/hsp/jcs/2018/00000002/00000003/art00006
Author: Baram, Gil and Sommer, Udi
Year of Conference: 2019
Title: Covert or not Covert: National Strategies During Cyber Conflict
Conference Name: 2019 11th International Conference on Cyber Conflict (CyCon)
Conference Location: Tallinn, Estonia
Publisher: IEEE
Volume: 900
Pages: 1-16
Date: 28-31 May
ISBN: 2325-5366 978-9949-9904-5-0
DOI: 10.23919/CYCON.2019.8756682
Keywords: computer crime, data privacy, decision making, organisational aspects, covertness, cyber conflict, international arena, cyber operations, real-world cyber attacks, covert actions, national cyber strategies
Abstract: Anonymity is considered to be a key characteristic of cyber conflict. Indeed, existing accounts in the literature focus on the advantages of the non-disclosure of cyber attacks. Such focus inspires the expectation that countries would opt to maintain covertness. This hypothesis is rejected in an empirical investigation we conducted on victims' strategies during cyber conflict: in numerous cases, victim states choose to publicly reveal the fact that they had been attacked. These counterintuitive findings are important empirically, but even more so theoretically. They motivate an investigation into the decision to forsake covertness. What does actually motivate states to move into the international arena and publicly expose a cyber attack? The goal of this paper is to understand why and under which geopolitical circumstances countries choose to give up the advantages of anonymity. Whether they wish to Name and Shame opponents for ignoring international norms or whether they try to avoid public humiliation, victims of cyber attacks occasionally reveal the fact that they had been attacked. There is tension between such motivations and the will to protect intelligence sources and the incentives to prevent escalation if an attack is revealed, even more so if the attacker is exposed. Indeed, we find that sunk costs, counter-escalation risks and the need to signal resolve, while critical in motivating victims to keep cyber attacks secret, may not suffice under such specific circumstances. By focusing on the victim's side, we draw inspiration from data on real-world cyber attacks in order to place cyber operations in the larger context of secrecy and covert actions in the international arena. In so doing, the aim is to advance the use of empirical data for understanding the dynamics of cyber conflict and the decision-making process of states operating in this increasingly complex domain.
URL: https://ieeexplore.ieee.org/abstract/document/8756682
Author: Barzilay, Ohad, Geva, Hilah, Goldstein, Anat and Oestreicher-Singer, Gal
Year of Conference: 2018
Title: Open to Everyone? The Long Tail of the Peer Economy: Evidence from Kickstarter
Conference Name: 39th International Conference on Information Systems
Publisher: AIS
URL: https://aisel.aisnet.org/cgi/viewcontent.cgi?article=1045&context=icis2018
Author: Barzilay, Ohad, Geva, Hilah, Goldstein, Anat and Oestreicher-Singer, Gal
Year: 2018
Title: Equal Opportunity for All? The Long Tail of Crowdfunding: Evidence From Kickstarter
Journal: SSRN Electronic Journal
URL: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3215280
Author: Bermanis, Amit, Wolf, Guy and Averbuch, Amir
Year: 2016
Title: Diffusion-based kernel methods on Euclidean metric measure spaces
Journal: Applied and Computational Harmonic Analysis
Volume: 41
Issue: 1
Pages: 190-213
Start Page: 190
ISSN: 1063-5203
DOI: http://dx.doi.org/10.1016/j.acha.2015.07.005
Abstract: Diffusion-based kernel methods are commonly used for analyzing massive high dimensional datasets. These methods utilize a non-parametric approach to represent the data by using an affinity kernel that represents similarities, distances or correlations between data points. The kernel is based on a Markovian diffusion process, whose transition probabilities are determined by local distances between data points. Spectral analysis of this kernel provides a representation of the data, where Euclidean distances correspond to diffusion distances between data points. When the data lies on a low dimensional manifold, these diffusion distances encompass the geometry of the manifold. In this paper, we present a generalized approach for defining diffusion-based kernels by incorporating measure-based information, which represents the density or distribution of the data, together with its local distances. The generalized construction does not require an underlying manifold to provide a meaningful kernel interpretation but assumes a more relaxed assumption that the measure and its support are related to a locally low dimensional nature of the analyzed phenomena. This kernel is shown to satisfy the necessary spectral properties that are required in order to provide a low dimensional embedding of the data. The associated diffusion process is analyzed via its infinitesimal generator and the provided embedding is demonstrated in two geometric scenarios.
URL: http://dx.doi.org/10.1016/j.acha.2015.07.005
Author: Birnhack, Michael
Year: 2018
Title: Protecting Privacy in the Digital City (in Hebrew: הגנה על הפרטיות בעיר הדיגיטלית)
Editor: Hatuka, Tali
Book Title: The City in the Digital Age (in Hebrew: העיר בעידן הדיגיטלי)
Pages: 56-85
URL: https://ssrn.com/abstract=3291383
Author: Birnhack, Michael, Toch, Eran and Hadar, Irit
Year: 2014
Title: Privacy Mindset, Technological Mindset
Journal: Jurimetrics
Volume: 55
Issue: 1
Pages: 55-114
ISSN: 08971277, 21544344
Legal Note: Full publication date: FALL 2014
Abstract: Policymakers around the world constantly search for new tools to address growing concerns about informational privacy (data protection). One solution that has gained support in recent years among policy makers is Privacy by Design (PbD). The idea is simple: think of privacy ex ante, and embed privacy within the design of a new technological system, rather than try to fix it ex post, when it is often too late. However, PbD is yet to gain an active role in engineering practices. Thus far, there are only a few success stories. This article argues that a major obstacle for PbD is the discursive and conceptual gap between law and technology. A better diagnosis of the gaps between the legal and technological perceptions of privacy is a crucial step in seeking viable solutions. We juxtapose the two fields by reading each field in terms of the other: (1) by reverse engineering the law to expose its hidden assumptions about technology (the law's technological mindset), and (2) by reading canonical technological texts to expose their hidden assumptions about privacy (technology's privacy mindset). This article's focus is on one set of informational privacy practices: the large corporation that collects data from individual data subjects. This dual reverse engineering exercise indicates substantial gaps between the legal perception of informational privacy, as reflected in the set of principles commonly known as Fair Information Practice Principles (FIPPs) and the perceptions of the engineering community. While both information technology and privacy law attempt to regulate the flow of data, they do so in utterly different ways, holding different goals and applying different constraints. The gaps between law and technology point to potential avenues to save PbD.
URL: http://www.jstor.org/stable/24395620
Author: Busany, Nimrod, Maoz, Shahar and Yulazari, Y.
Year of Conference: 2019
Title: Size and Accuracy in Model Inference
Conference Name: 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE)
Pages: 887-898
Date: 11-15 Nov. 2019
ISBN: 2643-1572
DOI: 10.1109/ASE.2019.00087
Keywords: finite state machines, inference mechanisms, finite-state models, execution logs, classic k-Tails model inference algorithm, mk-Tails, fine-grained control, real-world logs, Log analysis, Model inference
Abstract: Many works infer finite-state models from execution logs. Large models are more accurate but also more difficult to present and understand. Small models are easier to present and understand but are less accurate. In this work we investigate the tradeoff between model size and accuracy in the context of the classic k-Tails model inference algorithm. First, we define mk-Tails, a generalization of k-Tails from one to many parameters, which enables fine-grained control over the tradeoff. Second, we extend mk-Tails with a reduction based on past-equivalence, which effectively reduces the size of the model without decreasing its accuracy. We implemented our work and evaluated its performance and effectiveness on real-world logs as well as on models and generated logs from the literature.
Research Notes: 879
URL: https://ieeexplore.ieee.org/document/8952335
Author: Carmon, Elad, Seifert, Jean-Pierre and Wool, Avishai
Year of Conference: 2017
Title: Photonic side channel attacks against RSA
Conference Name: 2017 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)
Conference Location: McLean, VA, USA
Publisher: IEEE
Pages: 74-78
Date: 1-5 May 2017
DOI: 10.1109/HST.2017.7951801
Keywords: public key cryptography
photonic side channel attacks
public-key cryptosystem
RSA modular exponentiation
Karatsuba multiplication method
decryption
Montgomery's ladder
word length 2048 bit
word length 1024 bit
word length 32 bit
word length 64 bit
Photonics
Random access memory
Monitoring
Integrated circuits
Transistors
Cryptography
Abstract: This paper describes the first attack utilizing the photonic side channel against a public-key crypto-system. We evaluated three common implementations of RSA modular exponentiation, all using the Karatsuba multiplication method. We discovered that the key length had marginal impact on resilience to the attack: attacking a 2048-bit key required only 9% more decryption attempts than a 1024-bit key. We found that the most dominant parameter impacting the attacker's effort is the minimal block size at which the Karatsuba method reverts to naive multiplication: even for parameter values as low as 32 or 64 bits our attacks achieve 100% success rate with under 10,000 decryption operations. Somewhat surprisingly, we discovered that Montgomery's Ladder, commonly perceived as the most resilient of the three implementations to side-channel attacks, was actually the most susceptible: for 2048-bit keys, our attack reveals 100% of the secret key bits with as few as 4000 decryptions.
URL: https://ieeexplore.ieee.org/abstract/document/7951801
Author: Cohen, Ran, Haitner, Iftach, Makriyannis, Nikolaos, Orland, Matan and Samorodnitsky, Alex
Year: 2019
Title: On the round complexity of randomized Byzantine agreement
Conference Name: DISC 2019: 33rd International Symposium on Distributed Computing
Conference Location: Budapest, Hungary
Date: October
Type: arXiv preprint arXiv:1907.11329
DOI: 10.4230/LIPIcs.DISC.2019.12
Research Notes: 877
URL: http://www.cs.tau.ac.il/~iftachh/papers/ByzAgmntLB/BA_Full.pdf
http://www.dagstuhl.de/dagpub/978-3-95977-126-9
https://drops.dagstuhl.de/opus/volltexte/2019/11319/pdf/LIPIcs-DISC-2019-12.pdf
Author: Cohen, Ravid, Yovel, Yossi and Halperin, Dan
Year: 2019
Title: Sensory regimes of effective distributed searching without leaders
Journal: arXiv preprint arXiv:1904.02895
URL: https://arxiv.org/pdf/1904.02895
Author: Demchak, Chris C and Shavitt, Yuval
Year: 2018
Title: China’s Maxim–Leave No Access Point Unexploited: The Hidden Story of China Telecom’s BGP Hijacking
Journal: Military Cyber Affairs
Volume: 3
Issue: 1
Pages: 7
ISSN: 2378-0789
URL: https://doi.org/10.5038/2378-0789.3.1.1050
Author: Deutch, Daniel, Moskovitch, Yuval and Rinetzky, Noam
Year of Conference: 2018
Title: Towards Hypothetical Reasoning via Provenance Abstraction
Conference Name: EDBT'18
URL: https://www.cs.tau.ac.il/~moskovitch1/docs/edbt18.pdf
Author: Deutsch, Lior and Horn, David
Year: 2018
Title: The Weight-Shape decomposition of density estimates: A framework for clustering and image analysis algorithms
Journal: Pattern Recognition
Volume: 81
Pages: 190-199
Date: 2018/09/01/
ISSN: 0031-3203
DOI: https://doi.org/10.1016/j.patcog.2018.03.034
Keywords: Density estimate
Quantum clustering
Mean-shift clustering
Maximum entropy
Image contour extraction
Abstract: We propose an analysis scheme which addresses the Parzen-window and mixture model methods for estimating the probability density function of data points in feature space. Both methods construct the estimate as a sum of kernel functions (usually Gaussians). By adding an entropy-like function we prove that the probability distribution is a product of a weight function and a shape distribution. This Weight-Shape decomposition leads to new interpretations of established clustering algorithms. Furthermore, it suggests the construction of three different clustering schemes, which are based on gradient-ascent flow of replica points in feature space. Two of these are Quantum Clustering and the Mean-Shift algorithm. The third algorithm is based on maximal-entropy. In our terminology they become Maximal Shape Clustering, Maximal Probability Clustering and Maximal Weight Clustering, correspondingly. We demonstrate the different methods and compare them to each other on one artificial example and two natural data sets. We also apply the Weight-Shape decomposition to image analysis. The shape distribution acts as an edge detector. It serves to generate contours, as demonstrated on face images. Furthermore, it allows for defining a convolutional Shape Filter.
URL: http://www.sciencedirect.com/science/article/pii/S0031320318301249
Author: Faisal, Mustafa, Cardenas, Alvaro A and Wool, Avishai
Year of Conference: 2016
Title: Modeling Modbus TCP for intrusion detection
Conference Name: Communications and Network Security (CNS), 2016 IEEE Conference
Conference Location: Philadelphia, PA
Publisher: IEEE
Pages: 386-390
Date: Oct. 17-19
ISBN: 1509030654
DOI: 10.1109/CNS.2016.7860524
Keywords: computer network security
deterministic automata
Markov processes
SCADA systems
telecommunication channels
transport protocols
Modbus TCP modeling
intrusion detection
deterministic finite automata
DFA
DTMC
discrete time Markov chain
SCADA
supervisory control and data acquisition system
configuration-level specification
specification-based approach
Protocols
Data models
Conferences
Communication channels
Buildings
Abstract: DFAs (Deterministic Finite Automata) and DTMCs (Discrete Time Markov Chain) have been proposed for modeling Modbus/TCP for intrusion detection in SCADA (Supervisory Control and Data Acquisition) systems. While these models can be used to learn the behavior of the system, they require the designer to know the appropriate amount of training data for building the model, to retrain models when configuration changes, and to generate understandable alert messages. In this paper, we propose to complement these learned models with the specification approaches. To build a robust model, we need to consider configuration-level specifications in addition to protocol specification. As Modbus/TCP is a simple protocol with handful function code(s) or commands for each communication channel, designing a specification-based approach is suitable for monitoring this communication. We do a comparison of DFA and DTMC approaches in two datasets and illustrate how to use our inferred specification to complement these models.
URL: https://ieeexplore.ieee.org/abstract/document/7860524
Author: Feder, Amir, Gandal, Neil, Hamrick, J. T. and Moore, Tyler
Year: 2017
Title: The impact of DDoS and other security shocks on Bitcoin currency exchanges: evidence from Mt. Gox
Journal: Journal of Cybersecurity
Volume: 3
Issue: 2
Pages: 137-144
Start Page: 137
ISSN: 2057-2085
DOI: 10.1093/cybsec/tyx012
Abstract: We investigate how distributed denial-of-service (DDoS) attacks and other disruptions affect the Bitcoin ecosystem. In particular, we investigate the impact of shocks on trading activity at the leading Mt. Gox exchange between April 2011 and November 2013. We find that following DDoS attacks on Mt. Gox, the number of large trades on the exchange fell sharply. In particular, the distribution of the daily trading volume becomes less skewed (fewer big trades) and had smaller kurtosis on days following DDoS attacks. The results are robust to alternative specifications, as well as to restricting the data to activity prior to March 2013, i.e., the period before the first large appreciation in the price of and attention paid to Bitcoin.
URL: http://dx.doi.org/10.1093/cybsec/tyx012
Author: Feibish, Shir Landau, Afek, Yehuda, Bremler-Barr, Anat, Cohen, Edith and Shagam, Michal
Year of Conference: 2017
Title: Mitigating DNS random subdomain DDoS attacks by distinct heavy hitters sketches
Conference Name: Proceedings of the fifth ACM/IEEE Workshop on Hot Topics in Web Systems and Technologies
Conference Location: San Jose, CA, USA
Publisher: ACM
Pages: 8
ISBN: 1450355277
URL: https://dl.acm.org/citation.cfm?id=3132474
https://hotweb2017.github.io/program.html
Author: Feldman, Yotam MY, Enea, Constantin, Morrison, Adam, Rinetzky, Noam and Shoham, Sharon
Year: 2018
Title: Order out of chaos: Proving linearizability using local views
Periodical Title: arXiv preprint arXiv:1805.03992
Abstract: Proving the linearizability of highly concurrent data structures, such as those using optimistic concurrency control, is a challenging task. The main difficulty is in reasoning about the view of the memory obtained by the threads, because as they execute, threads observe different fragments of memory from different points in time. Until today, every linearizability proof has tackled this challenge from scratch.
We present a unifying proof argument for the correctness of unsynchronized traversals, and apply it to prove the linearizability of several highly concurrent search data structures, including an optimistic self-balancing binary search tree, the Lazy List and a lock-free skip list. Our framework harnesses sequential reasoning about the view of a thread, considering the thread as if it traverses the data structure without interference from other operations. Our key contribution is showing that properties of reachability along search paths can be deduced for concurrent traversals from such interference-free traversals, when certain intuitive conditions are met. Basing the correctness of traversals on such local view arguments greatly simplifies linearizability proofs.
To apply our framework, the user proves that the data structure satisfies two conditions: (1) acyclicity of the order on memory, even when it is considered across intermediate memory states, and (2) preservation of search paths to locations modified by interfering writes. Establishing the conditions, as well as the full linearizability proof utilizing our proof argument, reduces to simple concurrent reasoning. The result is a clear and comprehensible correctness proof, and elucidates common patterns underlying several existing data structures.
URL: https://arxiv.org/abs/1805.03992
http://www.cs.tau.ac.il/research/yotam.feldman/papers/disc18/disc18.pdf
Author: Gandal, Neil, Hamrick, J. T., Moore, Tyler and Oberman, Tali
Year: 2018
Title: Price manipulation in the Bitcoin ecosystem
Journal: Journal of Monetary Economics
Volume: 95
Pages: 86-96
Start Page: 86
Date: 2018/05/01/
ISSN: 0304-3932
DOI: https://doi.org/10.1016/j.jmoneco.2017.12.004
Keywords: Bitcoin
Cryptocurrencies
Fraud
Exchange rate manipulation
Abstract: To its proponents, the cryptocurrency Bitcoin offers the potential to disrupt payment systems and traditional currencies. It has also been subject to security breaches and wild price fluctuations. This paper identifies and analyzes the impact of suspicious trading activity on the Mt. Gox Bitcoin currency exchange, in which approximately 600,000 bitcoins (BTC) valued at $188 million were fraudulently acquired. During both periods, the USD-BTC exchange rate rose by an average of four percent on days when suspicious trades took place, compared to a slight decline on days without suspicious activity. Based on rigorous analysis with extensive robustness checks, the paper demonstrates that the suspicious trading activity likely caused the unprecedented spike in the USD-BTC exchange rate in late 2013, when the rate jumped from around $150 to more than $1,000 in two months.
URL: http://www.sciencedirect.com/science/article/pii/S0304393217301666
Author: Geva, Hilah, Barzilay, Ohad and Oestreicher-Singer, Gal
Year of Conference: 2017
Title: A Potato Salad with a Lemon Twist: Using Supply-Side Shocks to Study the Impact of Low-Quality Actors on Crowdfunding Platforms
Conference Name: ICIS 2017 38th International Conference on Information Systems
Conference Location: Seoul, South Korea
Publisher: Association for Information Systems (AIS)
Date: December 10-13
ISBN: 978-0-9966831-5-9
Abstract: Crowdfunding platforms are open peer-to-peer two-sided markets that enable amateur entrepreneurs to raise money for their ventures. However, such markets are at risk of being flooded with low-quality offerings, a situation that might be detrimental to the success of higher-quality products. We empirically investigate the implications of such situations, referred to as “market of lemons”. We analyze a quasi-natural experiment: an exogenous media shock that occurred on Kickstarter.com. The shock was followed by a sharp increase in the number of campaigns, particularly low-quality ones. These unique conditions enable us to estimate how crowdfunding platforms are affected by the presence of an atypically large number of low quality campaigns, while controlling for temporal trends and seasonal effects. We use two novel identification strategies to show that market of lemons decreases the revenue of successful campaigns. However, campaign quality moderates this effect, such that the performance of the highest-quality campaigns is unaffected.
Research Notes: The most prestigious gathering of information systems academics and research-oriented practitioners in the world
URL: https://aisel.aisnet.org/icis2017/Peer-to-Peer/Presentations/3/
http://archives.aisconferences.org/icis2017/wp-content/uploads/2017/12/ICIS2017_ProgramBook_1209.pdf
Author: Geva, Tomer, Saar-Tsechansky, Maytal and Lustiger, Harel
Year: 2019
Title: More for less: adaptive labeling payments in online labor markets
Journal: Data Mining and Knowledge Discovery
Volume: 33
Issue: 6
Pages: 1625-1673
Start Page: 1625
Date: 2019/11/01
ISSN: 1573-756X
DOI: 10.1007/s10618-019-00637-z
Abstract: In many predictive tasks where human intelligence is needed to label training instances, online crowdsourcing markets have emerged as promising platforms for large-scale, cost-effective labeling. However, these platforms also introduce significant challenges that must be addressed in order for these opportunities to materialize. In particular, it has been shown that different trade-offs between payment offered to labelers and the quality of labeling arise at different times, possibly as a result of different market conditions and even the nature of the tasks themselves. Because the underlying mechanism giving rise to different trade-offs is not well understood, for any given labeling task and at any given time, it is not known which labeling payments to offer in the market so as to produce accurate models cost-effectively. Importantly, because in these markets the acquired labels are not always correct, determining the expected effect of labels acquired at any given payment on the improvement in model performance is particularly challenging. Effective and robust methods for dealing with these challenges are essential to enable a growing reliance on these promising and increasingly popular labor markets for large-scale labeling. In this paper, we first present this new problem of Adaptive Labeling Payment (ALP): how to learn and sequentially adapt the payment offered to crowd labelers before they undertake a labeling task, so as to produce a given predictive performance cost-effectively. We then develop an ALP approach and discuss the key challenges it aims to address so as to yield consistently good performance. We evaluate our approach extensively over a wide variety of market conditions. Our results demonstrate that the ALP method we propose yields significant cost savings and robust performance across different settings. As such, our ALP approach can be used as a benchmark for future mechanisms to determine cost-effective selection of labeling payments.
URL: https://doi.org/10.1007/s10618-019-00637-z
Author: Grossman, Shelly, Abraham, Ittai, Golan-Gueta, Guy, Michalevsky, Yan, Rinetzky, Noam, Sagiv, Mooly and Zohar, Yoni
Year of Conference: 2017
Title: Online detection of effectively callback free objects with applications to smart contracts
Conference Name: Symposium on Principles of Programming Languages
Publisher: Proc. ACM Program. Lang.
Volume: 2
Issue: POPL
Pages: 1-28
Series Title: Proceedings of the ACM on Programming Languages
ISBN: 2475-1421
DOI: 10.1145/3158136
Abstract: Callbacks are essential in many programming environments, but drastically complicate program understanding and reasoning because they allow to mutate object's local states by external objects in unexpected fashions, thus breaking modularity. The famous DAO bug in the cryptocurrency framework Ethereum, employed callbacks to steal $150M. We define the notion of Effectively Callback Free (ECF) objects in order to allow callbacks without preventing modular reasoning.
An object is ECF in a given execution trace if there exists an equivalent execution trace without callbacks to this object. An object is ECF if it is ECF in every possible execution trace. We study the decidability of dynamically checking ECF in a given execution trace and statically checking if an object is ECF. We also show that dynamically checking ECF in Ethereum is feasible and can be done online. By running the history of all execution traces in Ethereum, we were able to verify that virtually all existing contract executions, excluding these of the DAO or of contracts with similar known vulnerabilities, are ECF. Finally, we show that ECF, whether it is verified dynamically or statically, enables modular reasoning about objects with encapsulated state.
URL: https://dl.acm.org/citation.cfm?doid=3177123.3158136
Author: Hadar, Irit, Hasson, Tomer, Ayalon, Oshrat, Toch, Eran, Birnhack, Michael, Sherman, Sofia and Balissa, Arod
Year: 2018
Title: Privacy by designers: software developers’ privacy mindset
Journal: Empirical Software Engineering
Volume: 23
Issue: 1
Pages: 259-289
Start Page: 259
Date: 2018/02/01
ISSN: 1573-7616
DOI: 10.1007/s10664-017-9517-1
Abstract: Privacy by design (PbD) is a policy measure that guides software developers to apply inherent solutions to achieve better privacy protection. For PbD to be a viable option, it is important to understand developers’ perceptions, interpretation and practices as to informational privacy (or data protection). To this end, we conducted in-depth interviews with 27 developers from different domains, who practice software design. Grounded analysis of the data revealed an interplay between several different forces affecting the way in which developers handle privacy concerns. Borrowing the schema of Social Cognitive Theory (SCT), we classified and analyzed the cognitive, organizational and behavioral factors that play a role in developers’ privacy decision making. Our findings indicate that developers use the vocabulary of data security to approach privacy challenges, and that this vocabulary limits their perceptions of privacy mainly to third-party threats coming from outside of the organization; that organizational privacy climate is a powerful means for organizations to guide developers toward particular practices of privacy; and that software architectural patterns frame privacy solutions that are used throughout the development process, possibly explaining developers’ preference of policy-based solutions to architectural solutions. Further, we show, through the use of the SCT schema for framing the findings of this study, how a theoretical model of the factors that influence developers’ privacy practices can be conceptualized and used as a guide for future research toward effective implementation of PbD.
URL: https://doi.org/10.1007/s10664-017-9517-1
Author: Harel, Yaniv, Gal, Irad Ben and Elovici, Yuval
Year: 2017
Title: Cyber Security and the Role of Intelligent Systems in Addressing its Challenges
Journal: ACM Transactions on Intelligent Systems and Technology (TIST)
Volume: 8
Issue: 4
Pages: 1-12
Start Page: 1
Alternate Journal: Special Issue: Cyber Security and Regular Papers
ISSN: 2157-6904
DOI: 10.1145/3057729
Legal Note: 3057729
URL: https://dl.acm.org/citation.cfm?id=3057729
Editor: Hatuka, Tali
Year: 2018
Title: The City in the Digital Age - Planning, Technology, Privacy and Inequality
Publisher: Tel Aviv University
DOI: http://bit.ly/2TJYeUE
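Research Notes: A comprehensive guide that maps, clarifies and finally critiques the 'smart cities' arena in Israel. The guide seeks to build an accessible and simple knowledge base on the subject for decision makers. It raises sensitive issues concerning the decision-making process, the use of budgets, and organizational disorder in the implementation and assimilation of digitization. The guide, written in Hebrew, was distributed digitally and presented at a study day, and printed copies are currently being sent to heads of local authorities and government ministers.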
Author: Hatuka, Tali, Rosen-Zvi, Issachar, Birnhack, Michael, Toch, Eran and Zur, Hadas
Year: 2018
Title: The Political Premises of Contemporary Urban Concepts: The Global City, the Sustainable City, the Resilient City, the Creative City, and the Smart City
Journal: Planning Theory & Practice
Volume: 19
Issue: 2
Pages: 160-179
Date: 2018/03/15
ISSN: 1464-9357
DOI: 10.1080/14649357.2018.1455216
Abstract: Numerous studies have focused on the global city, the sustainable city, the resilient city, the creative city, and the smart city, analyzing their politics, ideologies, and social implications. However, the literature lacks synthetic analysis that addresses these concepts by juxtaposing them and exploring their similarities and differences. This paper provides synthetic analysis, followed by a discussion of the concepts' competing and complementary logics of governance and citizenship. The concluding section addresses the importance of taking into account these diverse concepts as political ideas and discusses how these concepts become a prescriptive mix promoted by public officials and private developers.
URL: https://doi.org/10.1080/14649357.2018.1455216
Author: Hatuka, Tali and Zur, Hadas
Year: 2019
Title: Who is the ‘smart’ resident in the digital age? The varied profiles of users and non-users in the contemporary city
Journal: Urban Studies
Volume: 0
Issue: 0
Pages: 0042098019835690
Start Page: 004209801983569
ISSN: 0042-0980
1360-063X
DOI: 10.1177/0042098019835690
Keywords: digital age,neighbourhoods,networks,technology,smart resident,smart cities
Abstract: This paper is centred on the levels of participation in digital municipal platforms, and its goals are threefold: (1) to assess the normative aspirations and limitations of policy makers and key actors in the municipality with regard to the smart resident idea, with a focus on participation and privacy; (2) to assess and categorise levels of participation in varied social and geographic contexts in the city; and (3) to assess the possible link between participation and privacy practices among users. Empirically, this paper studies the practices of the inhabitants of Tel Aviv-Yafo City, with a focus on the use of digitised services provided by the municipality and the use of the celebrated project ‘Digi-Tel’ – a digital card that offers to the inhabitants of the city services, discounts, targeted information and benefits around the city. The assessment of the inhabitants’ practices is based on a survey that was conducted in four neighbourhoods with different socio-economic, ethnic and geographical characteristics. The survey is supplemented with interviews of prominent figures in the Tel Aviv-Yafo municipality to understand their views on participation and privacy. The paper concludes with a discussion of the varied profiles of the users and non-users of digital platforms in the city, revealing their complex approach to participation in the digital age.
URL: https://journals.sagepub.com/doi/abs/10.1177/0042098019835690
Author: Hirschprung, Ron, Toch, Eran, Schwartz-Chassidim, Hadas, Mendel, Tamir and Maimon, Oded
Year: 2017
Title: Analyzing and Optimizing Access Control Choice Architectures in Online Social Networks
Journal: ACM Transactions on Intelligent Systems and Technology (TIST)
Volume: 8
Issue: 4
Pages: 1-22
Start Page: 1
ISSN: 2157-6904
DOI: 10.1145/3046676
Legal Note: 3046676
URL: https://doi.org/10.1145/3046676
Author: Horn, David
Year: 2018
Title: Field Formulation of Parzen Data Analysis
Journal: arXiv preprint arXiv:1808.08776
Date: August
URL: https://arxiv.org/abs/1808.08776
Author: Hui, Kai-Lung, Kim, Seung Hyun and Wang, Qiu-Hong
Year: 2017
Title: Cybercrime deterrence and international legislation: evidence from distributed denial of service attacks
Journal: Management Information Systems Quarterly
Volume: 41
Issue: 2
Pages: 497–523
Start Page: 497
ISSN: 0276-7783
DOI: 10.25300/misq/2017/41.2.08
Keywords: convention on cybercrime, distributed denial of service attack, deterrence, legislation, law enforcement, cybercrime
Abstract: In this paper, we estimate the impact of enforcing the Convention on Cybercrime (COC) on deterring distributed denial of service (DDOS) attacks. Our data set comprises a sample of real, random spoof-source DDOS attacks recorded in 106 countries in 177 days in the period 2004-2008. We find that enforcing the COC decreases DDOS attacks by at least 11.8 percent, but a similar deterrence effect does not exist if the enforcing countries make a reservation on international cooperation. We also find evidence of network and displacement effects in COC enforcement. Our findings imply attackers in cyberspace are rational, motivated by economic incentives, and strategic in choosing attack targets. We draw related implications.
Research Notes: 858
URL: https://doi.org/10.25300/MISQ/2017/41.2.08
Author: Jarovsky, Ariel, Milo, Tova, Novgorodov, Slava and Tan, Wang-Chiew
Year of Conference: 2018
Title: Rule sharing for fraud detection via adaptation
Conference Name: 2018 IEEE 34th International Conference on Data Engineering (ICDE)
Publisher: IEEE
Pages: 125-136
ISBN: 1538655209
URL: https://ieeexplore.ieee.org/abstract/document/8509242/
Author: Jarovsky, Ariel, Milo, Tova, Novgorodov, Slava and Tan, Wang-Chiew
Year: 2018
Title: GOLDRUSH: rule sharing system for fraud detection
Journal: Proceedings of the Very Large Database Endowment
Volume: 11
Issue: 12
Pages: 1998-2001
Start Page: 1998
ISSN: 2150-8097
DOI: 10.14778/3229863.3236244
Legal Note: 3275581
Abstract: Fraud detection rules, written by domain experts, are often employed by financial companies to enhance their machine learning-based mechanisms for accurate detection of fraudulent transactions. Accurate rule writing is a challenging task where domain experts spend significant effort and time. A key observation is that much of this difficulty originates from the fact that experts typically work as "lone rangers" or in isolated groups to define the rules, or work on detecting frauds in one context in isolation from frauds that occur in another context. However, in practice there is a lot of commonality in what different experts are trying to achieve.
In this demo, we present the GOLDRUSH system, which facilitates knowledge sharing via effective adaptation of fraud detection rules from one context to another. GOLDRUSH abstracts the possible semantic interpretations of each of the conditions in the rules in one context and adapts them to the target context. Efficient algorithms are used to identify the most effective rule adaptations w.r.t a given cost-benefit metric. We showcase GOLDRUSH through a reenactment of a real-life fraud detection event. Our demonstration will engage the VLDB'18 audience, allowing them to play the role of experts collaborating in the fight against financial frauds.
URL: https://doi.org/10.14778/3229863.3236244
Author: Katz, Omer, Rinetzky, Noam and Yahav, Eran
Year of Conference: 2018
Title: Statistical Reconstruction of Class Hierarchies in Binaries
Conference Name: ASPLOS '18 ACM International Conference on Architectural Support for Programming Languages and Operating Systems
Conference Location: Williamsburg, VA, USA
Publisher: ACM
Pages: 363-376
Date: March 24th - 28th
Sponsor: ACM SIGPLAN, ACM SIGACT and ACM SIGLOG.
ISBN: 9781450349116
Proceedings Title: Proceedings of the 23rd ACM International Conference on Architectural Support for Programming Languages and Operating Systems
URL: https://www.asplos2018.org/
Author: Katz, Omer, Rinetzky, Noam and Yahav, Eran
Year: 2018
Title: Statistical Reconstruction of Class Hierarchies in Binaries
Journal: ACM SIGPLAN Notices
Volume: 53
Issue: 2
Pages: 363–376
Start Page: 363
ISSN: 0362-1340
DOI: 10.1145/3296957.3173202
Keywords: reverse engineering, x86, class hierarchies, static binary analysis
Abstract: We address a fundamental problem in reverse engineering of object-oriented code: the reconstruction of a program's class hierarchy from its stripped binary. Existing approaches rely heavily on structural information that is not always available, e.g., calls to parent constructors. As a result, these approaches often leave gaps in the hierarchies they construct, or fail to construct them altogether. Our main insight is that behavioral information can be used to infer subclass/superclass relations, supplementing any missing structural information. Thus, we propose the first statistical approach for static reconstruction of class hierarchies based on behavioral similarity. We capture the behavior of each type using a statistical language model (SLM), define a metric for pairwise similarity between types based on the Kullback-Leibler divergence between their SLMs, and lift it to determine the most likely class hierarchy. We implemented our approach in a tool called ROCK and used it to automatically reconstruct the class hierarchies of several real-world stripped C++ binaries. Our results demonstrate that ROCK obtained significantly more accurate class hierarchies than those obtained using structural analysis alone.
URL: https://doi.org/10.1145/3296957.3173202
Author: Khyzha, Artem, Attiya, Hagit, Gotsman, Alexey and Rinetzky, Noam
Year of Conference: 2018
Title: Safe privatization in transactional memory
Conference Name: PPoPP '18 Principles and Practice of Parallel Programming 2018: 23rd ACM SIGPLAN Symposium on Principles and Practice of Parallel Programming
Conference Location: Vienna, Austria
Volume: 53
Issue: 1
Pages: 233-245
Series Editor: Association for Computing Machinery
Date: February 24 - 28, 2018
Sponsor: SIGPLAN, SIGHPC
ISBN: 145034982X
978-1-4503-4982-6
Place Published: New York NY United States
Proceedings Title: Proceedings of the 23rd ACM SIGPLAN Symposium on Principles and Practice of Parallel Programming
Abstract: Transactional memory (TM) facilitates the development of concurrent applications by letting the programmer designate certain code blocks as atomic. Programmers using a TM often would like to access the same data both inside and outside transactions, e.g., to improve performance or to support legacy code. In this case, programmers would ideally like the TM to guarantee strong atomicity, where transactions can be viewed as executing atomically also with respect to non-transactional accesses. Since guaranteeing strong atomicity for arbitrary programs is prohibitively expensive, researchers have suggested guaranteeing it only for certain data-race free (DRF) programs, particularly those that follow the privatization idiom: from some point on, threads agree that a given object can be accessed non-transactionally. Supporting privatization safely in a TM is nontrivial, because this often requires correctly inserting transactional fences, which wait until all active transactions complete.
Unfortunately, there is currently no consensus on a single definition of transactional DRF, in particular, because no existing notion of DRF takes into account transactional fences. In this paper we propose such a notion and prove that, if a TM satisfies a certain condition generalizing opacity and a program using it is DRF assuming strong atomicity, then the program indeed has strongly atomic semantics. We show that our DRF notion allows the programmer to use privatization idioms. We also propose a method for proving our generalization of opacity and apply it to the TL2 TM.
URL: https://dl.acm.org/citation.cfm?id=3178505
https://arxiv.org/abs/1801.04249
Author: Kleinmann, Amit and Wool, Avishai
Year of Conference: 2015
Title: A statechart-based anomaly detection model for multi-threaded SCADA systems
Conference Name: International Conference on Critical Information Infrastructures Security
Publisher: Springer
Pages: 132-144
URL: https://link.springer.com/chapter/10.1007/978-3-319-33331-1_11
Author: Kleinmann, Amit and Wool, Avishai
Year of Conference: 2017
Title: Automatic Construction of Statechart-Based Anomaly Detection Models for Multi-Threaded Industrial Control Systems
Conference Name: ACM Transactions on Intelligent Systems and Technology (TIST)
Volume: 8
Issue: 4
Pages: 1-21
ISBN: 2157-6904
DOI: 10.1145/3011018
Place Published: 3011018
Proceedings Title: Proceedings of the 2nd ACM Workshop on Cyber-Physical Systems Security and Privacy
URL: https://dl.acm.org/citation.cfm?id=3011018
Author: Levin, Avner
Year: 2018
Title: Privacy by Design by Regulation: The Case Study of Ontario
Journal: Canadian Journal of Comparative and Contemporary Law
Volume: 4
Pages: 115
URL: http://www.cjccl.ca/wp-content/uploads/2018/08/Levin-Privacy-by-Design-by-Regulation.pdf
Author: Levy, Dor and Wolf, Lior
Year: 2017
Title: Learning to Align the Source Code to the Compiled Object Code
Editor: Precup, Doina and Teh, Yee Whye
Conference Name: Proceedings of the 34th International Conference on Machine Learning
Conference Location: Proceedings of Machine Learning Research
Publisher: PMLR
Volume: 70
Pages: 2043-2051
Label: pmlr-v70-levy17a
Abstract: We propose a new neural network architecture and use it for the task of statement-by-statement alignment of source code and its compiled object code. Our architecture learns the alignment between the two sequences – one being the translation of the other – by mapping each statement to a context-dependent representation vector and aligning such vectors using a grid of the two sequence domains. Our experiments include short C functions, both artificial and human-written, and show that our neural network architecture is able to predict the alignment with high accuracy, outperforming known baselines. We also demonstrate that our model is general and can learn to solve graph problems such as the Traveling Salesman Problem.
URL: http://proceedings.mlr.press
Author: Lupovici, Amir
Year: 2014
Title: The Attribution Problem and the Social Construction of Violence: Taking Cyber Deterrence Literature a Step Forward
Journal: International Studies Perspectives
Volume: 17
Issue: 3
Pages: 322–342
ISSN: 15283577
DOI: https://doi.org/10.1111/insp.12082
URL: https://academic.oup.com/isp/article/17/3/322/2684522
Author: Lupovici, Amir
Year: 2019
Title: Toward a Securitization Theory of Deterrence
Journal: International Studies Quarterly
Volume: 63
Issue: 1
Pages: 177-186
Start Page: 177
Epub Date: December 2018
Date: March
ISSN: 0020-8833
DOI: https://doi.org/10.1093/isq/sqy045
Abstract: This note incorporates securitization scholarship into the study of deterrence. I argue that deterrence is a securitizing move, and it is embedded in and affected by a broader assemblage of securitizing moves performed by different actors. These include the deterrer, the putative challenger, and various third parties. Linking deterrence theory and securitization theory opens up promising directions for theory and research. Among other things, it provides a way for interpretative scholars to engage with debates within traditional deterrence scholarship—such as those regarding deterrence success, deterrence credibility, and the effects of the use of force on these dynamics. It also highlights often-overlooked issues in the study of deterrence. These include processes through which actors come to adopt this strategy. It also includes processes through which the threat to deterrence itself becomes a powerful political tool for mobilizing support to different strategic moves.
URL: https://doi.org/10.1093/isq/sqy045
Author: Maltinsky, Alex, Giladi, Ran and Shavitt, Yuval
Year: 2017
Title: On Network Neutrality Measurements
Journal: ACM Transactions on Intelligent Systems and Technology (TIST)
Volume: 8
Issue: 4
Pages: 1-22
Start Page: 1
Alternate Journal: Special Issue: Cyber Security and Regular Papers
ISSN: 2157-6904
DOI: 10.1145/3040966
Legal Note: 3040966
URL: https://dl.acm.org/citation.cfm?id=3040966
Author: Mendel, Tamir
Year: 2019
Title: Social help: developing methods to support older adults in mobile privacy and security
Conference Name: Adjunct Proceedings of the 2019 ACM International Joint Conference on Pervasive and Ubiquitous Computing and Proceedings of the 2019 ACM International Symposium on Wearable Computers
Conference Location: London, United Kingdom
Publisher: Association for Computing Machinery
Pages: 383–387
DOI: 10.1145/3341162.3349311
Keywords: help, mobile computing, older adults, assistance, security and privacy, smartphones, support
URL: https://doi.org/10.1145/3341162.3349311
Author: Mendel, Tamir and Toch, Eran
Year: 2019
Title: My Mom was Getting this Popup: Understanding Motivations and Processes in Helping Older Relatives with Mobile Security and Privacy
Journal: Proc. ACM Interact. Mob. Wearable Ubiquitous Technol.
Volume: 3
Issue: 4
Pages: Article 147
Start Page: 1
ISSN: 2474-9567
DOI: 10.1145/3369821
Keywords: Assistance, Security and privacy, Smartphones, Older adults, Support, Mobile computing, Help
Abstract: Security and privacy pose a serious barrier to the use of mobile technology by older adults. While support from family and friends is known to be an effective enabler in older adults' technology adoption, we know very little about the family members' motivations for providing help, the context, and the process in which they provide it. To bridge this gap, we have conducted a mixed method study, qualitatively analyzing the helpers' assistance stories and quantitatively estimating the factors that affect helpers' willingness to offer assistance to older relatives regarding mobile security and privacy problems. Our findings point to the potential for helping older relatives, i.e., people are more willing to help and guide them than other social groups. Furthermore, we show that familiarity with an older relative's preferences is essential in providing meaningful support. We discuss our findings in the context of developing a theory of collective efficacy for security and privacy and new collaborative technologies that can reduce the barriers to social help.
URL: https://doi.org/10.1145/3369821
Author: Meyer, Joachim
Year: 2017
Title: Evaluating alerting systems from descriptions
Journal: Proceedings of the Human Factors and Ergonomics Society Annual Meeting
Volume: 61
Issue: 1
Pages: 307-307
Start Page: 307
ISSN: 1541-9312
DOI: 10.1177/1541931213601557
Abstract: Decisions in almost all domains of life receive support from automation in the form of alerts, binary cues, recommendations, etc. People often use automation or decision aids without having experience with the system, because the system may be new or because they rarely use it. When such experience is unavailable, people will base their use of the system on information they may have received about it and on descriptions, often given as probabilities or proportions. Examples are the sensitivity and specificity of a diagnostic procedure in medicine or the True Positive and False Positive rates of a detector. People use these descriptions to decide to what extent they can rely on the information. So far, it is unclear which aspects of the information about a system determine people’s evaluation of the system from a description. These evaluations will determine the trust they put in the indications from the system and the adjustment of system properties, such as thresholds. To gain some insights into this issue, we conducted an experiment. We developed descriptions of 12 systems in a quality control setting, in which participants had to detect faulty items in a production process. We used Signal Detection Theory (Green & Swets, 1966) to determine the system properties. The systems differed in d’ (1.5 or 2.5), the threshold setting lnβ (-1, 0 or 1) and the prior probability for a signal pS (.05 or .2). Half of the participants saw diagnostic values, receiving descriptions in terms of the probabilities of Hit and False Alarms, while the other half saw descriptions as predictive values, receiving the Positive Predictive Value (PPV) and the Negative Predictive Value (NPV) of each system. In the past, we have shown that people adjust system thresholds better when they see predictive values (Botzer, Meyer, Bak, & Parmet, 2010). Fifty-six students evaluated the systems in a classroom setting on a scale between 0 (completely useless) and 10 (perfect). 
In addition to the d’ and lnβ, which we specified when we designed the systems, we also computed for each system the Probability of Correct Indication (pCorrect), the Expected Value (given the costs and benefits in the description), and the transmitted information according to Information Theory. We analyzed the results with multivariate analyses of variance and by computing the correlations between the evaluations and system properties. The results showed that participants’ responses were mainly correlated with d’. The effects of the threshold setting lnβ and of pS were small, compared to the effects of d’. The correlations with the Expected Value and the transmitted information were smaller and could be explained through d’. Thus, people evaluated a system in terms of its ability to differentiate between signal and noise. They did not evaluate the system according to the economic value it provided or the transmitted information. In addition, participants evaluated systems with different thresholds (lnβ) similarly. This means that in our experiment participants did not differentiate between more and less appropriate threshold settings. The ability to identify better or worse settings is important, because these settings are often the main system parameter users can adjust. These findings, in addition to the inherent problems that already exist in user adjustments of systems (Meyer & Sheridan, 2017), make it unlikely that people can adjust system settings correctly.
URL: http://journals.sagepub.com/doi/abs/10.1177/1541931213601557
Author: Milo, Tova, Novgorodov, Slava and Tan, Wang-Chiew
Year: 2016
Title: Rudolf: interactive rule refinement system for fraud detection
Journal: Proceedings of the Very Large Database Endowment
Volume: 9
Issue: 13
Pages: 1465-1468
Start Page: 1465
ISSN: 2150-8097
DOI: 10.14778/3007263.3007285
Legal Note: 3007285
URL: http://www.vldb.org/pvldb/vol9/p1465-milo.pdf
Author: Mukherjee, Suvam, Padon, Oded, Shoham, Sharon, D’Souza, Deepak and Rinetzky, Noam
Year of Conference: 2017
Title: Thread-local semantics and its efficient sequential abstractions for race-free programs
Conference Name: 24th International Symposium on Static Analysis
Publisher: Springer
Pages: 253-276
DOI: http://dx.doi.org/10.1007/978-3-319-66706-5_13
Notes: Lecture Notes in Computer Science book series (LNCS, volume 10422)
Programming and Software Engineering book sub series (LNPSE, volume 10422)
URL: https://www.cs.tau.ac.il/~maon/pubs/2017-sas.pdf
https://link.springer.com/chapter/10.1007/978-3-319-66706-5_13
Author: Naor, Moni, Pinkas, Benny and Ronen, Eyal
Year of Conference: 2019
Title: How to (not) Share a Password: Privacy Preserving Protocols for Finding Heavy Hitters with Adversarial Behavior
Conference Name: 2019 ACM SIGSAC Conference on Computer and Communications Security
Conference Location: London, United Kingdom
Publisher: Association for Computing Machinery
Pages: 1369–1386
Series Title: Lecture Notes in Computer Science book series (LNCS, volume 10821)
Date: November
Sponsor: SIGSAC
ISBN: 978-1-4503-6747-9
DOI: 10.1145/3319535.3363204
Proceedings Title: Proceedings of the
Keywords: passwords, heavy hitters, secure computation, differential privacy, malicious model
Abstract: Bad choices of passwords were and are a pervasive problem. Users choosing weak passwords do not only compromise themselves, but the whole ecosystem. E.g., common and default passwords in IoT devices were exploited by hackers to create botnets and mount severe attacks on large Internet services, such as the Mirai botnet DDoS attack. We present a method to help protect the Internet from such large scale attacks. Our method enables a server to identify popular passwords (heavy hitters), and publish a list of over-popular passwords that must be avoided. This filter ensures that no single password can be used to compromise a large percentage of the users. The list is dynamic and can be changed as new users are added or when current users change their passwords. We apply maliciously secure two-party computation and differential privacy to protect the users' password privacy. Our solution does not require extra hardware or cost, and is transparent to the user. Our private heavy hitters construction is secure even against a malicious coalition of devices which tries to manipulate the protocol to hide the popularity of some password that the attacker is exploiting. It also ensures differential privacy under continual observation of the blacklist as it changes over time. As a reality check we conducted three tests: computed the guarantees that the system provides wrt a few publicly available databases, ran full simulations on those databases, and implemented and analyzed a proof-of-concept on an IoT device. Our construction can also be used in other settings to privately learn heavy hitters in the presence of an active malicious adversary. E.g., learning the most popular sites accessed by the Tor network.
URL: https://doi.org/10.1145/3319535.3363204
Author: Pundak, Chen, Steinhart, Yael and Goldenberg, Jacob
Year: 2018
Title: The Viciousness and Caring of Sharing: Morality and Motivations of Online Shamers
Journal: ACR European Advances
URL: http://www.acrwebsite.org/volumes/v11e/eacr_v11_1700220.pdf
Author: Raban, Yoel and Hauptman, Aharon
Year: 2018
Title: Foresight of cyber security threat drivers and affecting technologies
Journal: Foresight
Volume: 20
Issue: 4
Pages: 353-363
Start Page: 353
ISSN: 1463-6689
DOI: 10.1108/FS-02-2018-0020
Abstract: Purpose: The cyber security industry emerged rapidly in recent years due to mounting cyber threats and increasing cyber hacking activities. Research on emerging technologies emphasizes the risks and sometimes neglects to address the potential positive contribution to cyber security. The purpose of this study is to conduct a relatively balanced long-term foresight study to elicit major significant threat drivers and to identify emerging technologies that are likely to have a significant impact on defense and attack capabilities in cyber security. Design/methodology/approach: The main instruments used in this study were horizon scanning and an online survey among subject-matter experts that assessed emerging threats and the potential impact of several emerging technologies on cyber defense capabilities and cyber attack capabilities. Findings: An expert survey shows that cyber resilience, homomorphic encryption and blockchain may be considered as technologies contributing mainly to defense capabilities. On the other hand, Internet of Things, biohacking and human machine interface (HMI) and autonomous technologies add mainly to attack capabilities. In the middle, we find autonomous technologies, quantum computing and artificial intelligence that contribute to defense, as well as to attack capabilities, with roughly similar impact on both. Originality/value: This study adds to the current research a balanced long-term view and experts' assessment of negative and positive impacts of emerging technologies, including their time to maturity and consensus levels. Two new Likert scale measures were applied to measure the potential impact of emerging technologies on cyber security, thus enabling the classification of the results into four groups (net positive, net negative, positive-positive and negative-negative).
URL: https://doi.org/10.1108/FS-02-2018-0020
Author: Rochman, Yuval, Levy, Hanoch and Brosh, Eli
Year: 2014
Title: Efficient resource placement in cloud computing and network applications
Journal: ACM SIGMETRICS Performance Evaluation Review
Volume: 42
Issue: 2
Pages: 49-51
Start Page: 49
ISSN: 0163-5999
DOI: https://doi.org/10.1145/2667522.2667538
URL: https://doi.org/10.1145/2667522.2667538
Author: Rochman, Yuval, Levy, Hanoch and Brosh, Eli
Year: 2017
Title: Dynamic placement of resources in cloud computing and network applications
Journal: Performance Evaluation
Volume: 115
Pages: 1-37
Start Page: 1
Date: 2017/10/01
ISSN: 0166-5316
DOI: https://doi.org/10.1016/j.peva.2017.06.003
Keywords: Resource-placement
Stochastic
Distributed-cloud
Graph algorithms
Abstract: We address the problem of dynamic resource placement in general networking and cloud computing applications. We consider a large-scale system faced by time varying and regionally distributed demands for various resources. The system operator aims at placing the resources across regions to maximize revenues, and thus needs to address the problem of how to dynamically reposition the resources in reaction to the time varying demand. The challenge posed by this setting is to deal with arbitrary multi-dimensional stochastic demands which vary over time. Under such settings one should provide a tradeoff between optimizing the resource placement as to meet its demand, and minimizing the number of added and removed resources to the placement. Our analysis and simulations reveal that optimizing the resource placement may inflict huge resource repositioning costs, even if the demand has small fluctuations. We therefore propose an algorithmic framework that overcomes this difficulty and yields very efficient dynamic placements with bounded repositioning costs. Our solution is developed under a very wide cost model, and thus allows accommodation of many systems. Our solutions are based on new analytic techniques utilizing graph theory methodologies that can be applied to other optimization/combinatorial problems.
URL: http://www.sciencedirect.com/science/article/pii/S0166531616302188
Title: Computer science for non-technological cyber programs
Conference Name: FIE 2014 IEEE Frontiers in Education Conference: Opening Innovations and Internationalization in Engineering Education
Conference Location: Madrid, Spain, Melia Castilla Hotel & Convention Center
Publisher: IEEE
Pages: 1-8
Date: October 22-25
Notes: 2014 IEEE Frontiers in Education Conference
Research Notes: 873
URL: http://ieeexplore.ieee.org/servlet/opac?punumber=7017968
Author: Schuster, Roei, Shmatikov, Vitaly and Tromer, Eran
Year of Conference: 2017
Title: Beauty and the burst: Remote identification of encrypted video streams
Conference Name: USENIX Security
URL: https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-schuster.pdf
Author: Shapira, Tal and Shavitt, Yuval
Year of Conference: 2019
Title: FlowPic: Encrypted Internet Traffic Classification is as Easy as Image Recognition
Conference Name: IEEE INFOCOM 2019-IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)
Publisher: IEEE
Pages: 680-687
ISBN: 1728118786
Author: Shome, Rahul, Solovey, Kiril, Dobson, Andrew, Halperin, Dan and Bekris, Kostas E.
Year: 2019
Title: dRRT*: Scalable and Informed Asymptotically-Optimal Multi-Robot Motion Planning
Conference Name: CoRR European conference on Computational Geometry
Volume: abs/1903.00994
URL: http://arxiv.org/abs/1903.00994
Author: Shome, Rahul, Solovey, Kiril, Dobson, Andrew, Halperin, Dan and Bekris, Kostas E.
Year: 2019
Title: dRRT*: Scalable and informed asymptotically-optimal multi-robot motion planning
Journal: Autonomous Robots
Volume: 44
Issue: Special Issue on Multi-Robot and Multi-Agent Systems
Pages: 443-467
Start Page: 443
Date: 2019/01/24
ISSN: 1573-7527
DOI: 10.1007/s10514-019-09832-9
Abstract: Many exciting robotic applications require multiple robots with many degrees of freedom, such as manipulators, to coordinate their motion in a shared workspace. Discovering high-quality paths in such scenarios can be achieved, in principle, by exploring the composite space of all robots. Sampling-based planners do so by building a roadmap or a tree data structure in the corresponding configuration space and can achieve asymptotic optimality. The hardness of motion planning, however, renders the explicit construction of such structures in the composite space of multiple robots impractical. This work proposes a scalable solution for such coupled multi-robot problems, which provides desirable path-quality guarantees and is also computationally efficient. In particular, the proposed dRRT* is an informed, asymptotically-optimal extension of a prior sampling-based multi-robot motion planner, dRRT. The prior approach introduced the idea of building roadmaps for each robot and implicitly searching the tensor product of these structures in the composite space. This work identifies the conditions for convergence to optimal paths in multi-robot problems, which the prior method was not achieving. Building on this analysis, dRRT is first properly adapted so as to achieve the theoretical guarantees and then further extended so as to make use of effective heuristics when searching the composite space of all robots. The case where the various robots share some degrees of freedom is also studied. Evaluation in simulation indicates that the new algorithm, dRRT*, converges to high-quality paths quickly and scales to a higher number of robots where various alternatives fail. This work also demonstrates the planner’s capability to solve problems involving multiple real-world robotic arms.
URL: https://doi.org/10.1007/s10514-019-09832-9
Author: Silverman, Gahl and Sommer, Udi
Year: 2019
Title: Prevalent Sentiments of the Concept of Jihad in the Public Commentsphere
Journal: Studies in Conflict & Terrorism
Pages: 1-29
Start Page: 1
ISSN: 1057-610X
DOI: 10.1080/1057610X.2019.1686854
Abstract: Certain studies of social conflicts and geopolitical processes through online social networks entail qualitative analysis. One such issue is the tension between Western and Muslim societies. We introduce computer-assisted qualitative sentiment analysis for the inquiry and extraction of varied sentiments. The analysis explores the prevalent meanings of the term jihad through discussions of Muslims and non-Muslims in the online public sphere. After examining 4,630 Facebook comments and replies, our examination leads to a holistic mapping that details peaceful, moderate, and radical opinions regarding jihad, which is an integral institution of the Muslim world. Through this method, we suggest a Muslim/non-Muslim tension indicator, which can be used in a range of political analyses.
URL: https://doi.org/10.1080/1057610X.2019.1686854
Author: Sternberg, Nurit, Luria, Roy, Chandhok, Susannah, Vickers, Brian, Kross, Ethan and Sheppes, Gal
Year: 2020
Title: When Facebook and finals collide - procrastinatory social media usage predicts enhanced anxiety
Journal: Computers in Human Behavior
Volume: 109
Pages: 106358
Start Page: 106358
Date: 2020/08/01
ISSN: 0747-5632
DOI: https://doi.org/10.1016/j.chb.2020.106358
Keywords: Social networks
Anxiety
Self-control
Procrastination
Abstract: In the digital age we live in, refraining from procrastinatory social media usage, particularly when conflicting with highly valued goal pursuit, can result in failure and subsequent negative psychological outcomes. Despite mounting interest, existing evidence remains correlational and restricted to mundane contexts. To fill these gaps the current two study investigation provides converging ecological and causal evidence for the influence of procrastinatory social media usage on subsequent anxiety. Study 1 used longitudinal unobtrusive measurement of actual procrastinatory Facebook usage (using designated software) together with experience-sampling, during real-life academic exam preparation period. Findings showed that enhanced procrastinatory Facebook usage predicted increased levels of anxiety over time. Further evidence provided inferences regarding the likely ordering of this association, by ruling out a reversed directionality between anxiety and subsequent Facebook usage. Providing direct causal evidence, Study 2 created a laboratory exam context conceived as highly predictive of academic success, that directly manipulated whether actual Facebook usage was procrastinatory or not, prior to examining its influence on anxiety. Supporting predictions, only when Facebook was used instead of studying, it resulted in enhanced anxiety. The present investigation illuminates when and why social media usage leads to adverse psychological consequences.
URL: http://www.sciencedirect.com/science/article/pii/S0747563220301114
Author: Sternberg, Nurit, Luria, Roy and Sheppes, Gal
Year: 2018
Title: For whom is social-network usage associated with anxiety? The moderating role of neural working-memory filtering of Facebook information
Journal: Cognitive, Affective, & Behavioral Neuroscience
Volume: 18
Issue: 6
Pages: 1145-1158
Epub Date: 2018/08/11
Date: 2018/12/01
ISSN: 1531-135X
DOI: 10.3758/s13415-018-0627-z
Accession Number: 30094562
Keywords: Adult
Anxiety/*physiopathology/psychology
Brain/*physiopathology
Electroencephalography
Female
Humans
Male
Memory, Short-Term/*physiology
Mental Health
*Social Media
*Social Networking
Students
Young Adult
*Anxiety
*eeg
*Filtering
*Online social networks
*Working memory
Abstract: Is Facebook usage bad for mental health? Existing studies provide mixed results, and direct evidence for neural underlying moderators is lacking. We suggest that being able to filter social-network information from accessing working memory is essential to preserve limited cognitive resources to pursue relevant goals. Accordingly, among individuals with impaired neural social-network filtering ability, enhanced social-network usage would be associated with negative mental health. Specifically, participants performed a novel electrophysiological paradigm that isolates neural Facebook filtering ability. Participants’ actual Facebook behavior and anxious symptomatology were assessed. Confirming evidence showed that enhanced Facebook usage was associated with anxious symptoms among individuals with impaired neural Facebook filtering ability. Although less robust and tentative, additional suggestive evidence indicated that this specific Facebook filtering impairment was not better explained by a general filtering deficit. These results involving a neural social-network filtering moderator, may help understand for whom increased online social-network usage is associated with negative mental health.
URL: https://doi.org/10.3758/s13415-018-0627-z
Author: Tabansky, Lior
Year of Conference: 2016
Title: Towards a Theory of Cyber Power: The Israeli Experience with Innovation and Strategy
Conference Name: 8th International Conference on Cyber Conflict (CyCon)
Conference Location: Tallinn, Estonia
Publisher: IEEE & NATO CCDCOE
Pages: 51-63
DOI: 10.1109/CYCON.2016.7529426
Place Published: Tallinn, Estonia
Year Published: 2016
Proceedings Title: Cyber Power
URL: https://ieeexplore.ieee.org/document/7529426?arnumber=7529426
Author: Tabansky, Lior
Year: 2017
Title: Cybered Influence Operations: towards a scientific research agenda
Journal: Security Policy Library - The Norwegian Atlantic Committee
Volume: 2017
Issue: 2
Pages: 36
Date: December
ISSN: 0802-6602
URL: http://www.atlanterhavskomiteen.no/nettsider/dnak/publikasjoner/sikkerhetspolitisk-bibliotek h
Author: Tabansky, Lior
Year: 2018
Title: Sticking to their Guns: The Missing RMA for Cybersecurity
Journal: Military Cyber Affairs
Volume: 3
Issue: 2
Pages: 23
Date: June
Alternate Journal: The Journal of the Military Cyber Professionals Association
ISSN: 2378-0789
DOI: https://doi.org/10.5038/2378-0789.3.1.1039
Abstract: Why has cybered conflict disrupted the security of the most developed nations? A foreign adversary contemplating an attack on a developed nation's heartland certainly faces multiple state-run military-grade lines of defense on land, sea and air. A foreign adversary launching a direct cyber-attack on a non-military homeland target will meet none. Armed forces do not shield a society from cyber-attacks originated by foreign adversaries, no longer provide a buffer between the enemy and homeland, nor can they identify the attacker after an attack occurred.
Adversaries succeed in waging cybered conflict against the U.S. and its allies. Having repeatedly inflicted economic and social harm while evading retaliation, adversaries become brazen. To prevail in cybered conflict, we need to return to the very foundations of our defense.
However, profound defense adaptation is especially problematic for dominant militaries. To develop my argument, I turn to analyze a Stuxnet-like scenario using the Revolution in Military Affairs (RMA) concept of Security Studies and the paradigm shift concept of philosophy of science. Security Studies theory, philosophy of science and empirical evidence all suggest that profound defense adaptation demands pressure from outside the expert organization. I argue that Security Studies theory and empirical evidence, including Israel’s defense adaptation following short-range rocket threat, suggest that civilian outsiders coalescing with military partners can successfully drive defense adaptation.
To secure the Western world order, the U.S. and its allies need to rearrange their security forces, leveraging the experience accumulated through centuries.
URL: http://scholarcommons.usf.edu/mca/vol3/iss1/3
Author: Tabansky, Lior and Ben Israel, Isaac
Year: 2015
Title: Geopolitics and Israeli Strategy
Book Title: Cybersecurity in Israel
Publisher: Springer International Publishing
Pages: 9-14
Chapter: 2
Series Title: SpringerBriefs in Cybersecurity
ISBN: 978-3-319-18985-7
DOI: 10.1007/978-3-319-18986-4_2
Keywords: National security concept
Grand strategy
Cybersecurity
Arab-Israeli conflict
‘Iron Wall’
Quality
Qualitative superiority
URL: http://dx.doi.org/10.1007/978-3-319-18986-4_2
Language: English
Author: Tabansky, Lior and Ben Israel, Isaac
Year: 2015
Title: The National Innovation Ecosystem of Israel
Book Title: Cybersecurity in Israel
Publisher: Springer International Publishing
Pages: 15-30
Chapter: 3
Series Title: SpringerBriefs in Cybersecurity
ISBN: 978-3-319-18985-7
DOI: 10.1007/978-3-319-18986-4_3
Keywords: Innovation
Ecosystem
Science
R&D policy
Tel Aviv University
IDF
R&D expenditure
GERD
BERD
H2020
FP7
Office of the Chief Scientist OCS
Maf’at
Talpiot
Atuda
Yozma
Venture Capital
CyberSpark
CyberGym
URL: http://dx.doi.org/10.1007/978-3-319-18986-4_3
Author: Tabansky, Lior and Ben Israel, Isaac
Year: 2015
Title: Mid-1990s: The Prequel for National Cybersecurity Policy
Book Title: Cybersecurity in Israel
Publisher: Springer International Publishing
Pages: 31-34
Chapter: 4
Series Title: SpringerBriefs in Cybersecurity
ISBN: 978-3-319-18985-7
DOI: 10.1007/978-3-319-18986-4_4
Keywords: Disruption
Information assurance
Critical infrastructure
e-Government
Tehila
Distributed denial-of-service attack (DDoS)
URL: http://dx.doi.org/10.1007/978-3-319-18986-4_4
Author: Tabansky, Lior and Ben Israel, Isaac
Year: 2015
Title: The Israeli National Cybersecurity Policy Focuses on Critical Infrastructure Protection (CIP)
Book Title: Cybersecurity in Israel
Publisher: Springer International Publishing
Pages: 35-41
Chapter: 5
Series Title: SpringerBriefs in Cybersecurity
ISBN: 978-3-319-18985-7
DOI: 10.1007/978-3-319-18986-4_5
Keywords: Cybersecurity
Critical infrastructure
Critical infrastructure protection (CIP)
Regulation
B/84
National Information Security Authority (NISA)
Re’em
ISA
Shabak
Tel Aviv Stock Exchange (TASE)
URL: http://dx.doi.org/10.1007/978-3-319-18986-4_5
Author: Tabansky, Lior and Ben Israel, Isaac
Year: 2015
Title: Seeking Cyberpower: The National Cyber Initiative, 2010
Book Title: Cybersecurity in Israel
Publisher: Springer International Publishing
Pages: 43-48
Chapter: 6
Series Title: SpringerBriefs in Cybersecurity
ISBN: 978-3-319-18985-7
DOI: 10.1007/978-3-319-18986-4_6
Keywords: Cybersecurity
Innovation
Science
R&D policy
Multi-stakeholder
Tel Aviv University
External expert review
National cyber-initiative
URL: http://dx.doi.org/10.1007/978-3-319-18986-4_6
Author: Tabansky, Lior and Ben Israel, Isaac
Year: 2015
Title: The National Cyber-Strategy of Israel and the INCB
Book Title: Cybersecurity in Israel
Publisher: Springer International Publishing
Pages: 49-54
Chapter: 7
Series Title: SpringerBriefs in Cybersecurity
ISBN: 978-3-319-18985-7
DOI: 10.1007/978-3-319-18986-4_7
Keywords: INCB
National cyber-strategy
National cyber-policy
Resolution 3611
Global cyber-power
Critical infrastructure protection
CIP
CERT
Innovation
Cyber-industry
Growth engine
Interdisciplinary Cyber Research Centre (ICRC)
Science policy
URL: http://dx.doi.org/10.1007/978-3-319-18986-4_7
Author: Tabansky, Lior and Ben Israel, Isaac
Year: 2015
Title: Towards Comprehensive National Cybersecurity
Book Title: Cybersecurity in Israel
Publisher: Springer International Publishing
Pages: 55-61
Chapter: 8
Series Title: SpringerBriefs in Cybersecurity
ISBN: 978-3-319-18985-7
DOI: 10.1007/978-3-319-18986-4_8
Keywords: ISA
INCB
National Cyber Security Authority
NCSA
CIP
Resolution 3611
Resolution 2443
Resolution 2444
URL: http://dx.doi.org/10.1007/978-3-319-18986-4_8
Author: Tabansky, Lior and Ben Israel, Isaac
Year: 2015
Title: Striking with Bits? The IDF and Cyber-Warfare
Book Title: Cybersecurity in Israel
Publisher: Springer International Publishing
Pages: 63-69
Chapter: 9
Series Title: SpringerBriefs in Cybersecurity
ISBN: 978-3-319-18985-7
DOI: 10.1007/978-3-319-18986-4_9
Keywords: IDF
Cyber-warfare
C4I
IAF
Unit 8200
Institute for National Security Studies (INSS)
Operation Orchard
Natanz
Stuxnet
Olympic games
Attribution
Deterrence
URL: http://dx.doi.org/10.1007/978-3-319-18986-4_9
Author: Tabansky, Lior and Ben Israel, Isaac
Year: 2015
Title: Conclusion: From Cybersecurity to Cyberpower
Book Title: Cybersecurity in Israel
Publisher: Springer International Publishing
Pages: 71-73
Chapter: 10
Series Title: SpringerBriefs in Cybersecurity
ISBN: 978-3-319-18985-7
DOI: 10.1007/978-3-319-18986-4_10
Keywords: Cybersecurity
Cyberpower
Innovation ecosystem
Qualitative edge
R&D
National Cyber Initiative
INCB
NCSA
Open society
Israel
Strategy
URL: http://dx.doi.org/10.1007/978-3-319-18986-4_10
Author: Tabansky, Lior and Ben-Israel, Isaac
Year: 2015
Title: Cybersecurity in Israel
Series Editor: Gaycken, Sandro
Series Title: SpringerBriefs in Cybersecurity
Publisher: Springer
Date: August
URL: http://www.springer.com/series/10634
Author: Trabish, David, Mattavelli, Andrea, Rinetzky, Noam and Cadar, Cristian
Year of Conference: 2018
Title: Chopped Symbolic Execution
Conference Name: ICSE 2018: 40th International Conference on Software Engineering
Conference Location: Gothenburg, Sweden
Volume: Technical Papers
Date: May 27 - 3 June 2018
URL: https://www.icse2018.org/event/icse-2018-technical-papers-chopped-symbolic-execution
http://www.cs.tau.ac.il/~maon/pubs/2018-icse.pdf
https://www.computer.org/publications/tech-news/events/the-2018-international-conference-on-software-engineering-breaks-attendance-records-as-it-celebrates-its-40th-anniversary
Author: Tzezana, Roey
Year: 2016
Title: Scenarios for crime and terrorist attacks using the internet of things
Journal: European Journal of Futures Research
Volume: 4
Issue: 1
Pages: 18
Date: December 01
Type of Article: journal article
ISSN: 2195-2248
DOI: 10.1007/s40309-016-0107-z
Abstract: The Internet of Things is a paradigm in which everyday items are connected to the internet and share information with other devices. This new paradigm is rapidly becoming a reality in the developed world, and while it holds an immensely positive potential, it also means that criminals and terrorists would be able to influence the physical world from the comfort of their homes. We can expect that hackers, ransomwares, viruses, spywares and many of the other woes of the internet today will migrate to the internet of things as well. In this research we used General Morphological Analysis and brought together fifty experts on an online platform to develop novel scenarios about the crimes and terrorist acts of the future. The experts developed 21 scenarios, which were then ranked according to their plausibility. We provide a brief description of every scenario, and focus particularly on the four most plausible ones: blackmailing by connecting to smart homes, gaining insider information from wearable devices and using it for financial gains, assaulting a smart city through the internet, and performing sex crimes via connected items in the smart home.
URL: https://link.springer.com/article/10.1007%2Fs40309-016-0107-z
Author: Tzezana, Roey
Year: 2017
Title: High-probability and wild-card scenarios for future crimes and terror attacks using the Internet of Things
Journal: Foresight
Volume: 19
Issue: 1
Pages: 1-14
Start Page: 1
ISSN: 1463-6689
DOI: 10.1108/FS-11-2016-0056
Keywords: Internet of Things,Security,Terrorism,Morphological analysis,Cybersecurity,Scenario development
Abstract: This paper provides high-probability and wild-card scenarios about future crimes and terror attacks relying on the Internet of Things (IoT) indicating that the IoT is set to have a dramatic role in crime and terror attacks in future.
URL: https://www.emeraldinsight.com/doi/abs/10.1108/FS-11-2016-0056
Author: Wan, Zhiyuan, Bao, Lingfeng, Gao, Debin, Toch, Eran, Xia, Xin, Mendel, Tamir and Lo, David
Year: 2019
Title: AppMoD: Helping Older Adults Manage Mobile Security with Online Social Help
Journal: Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies
Volume: 3
Issue: 4
Pages: Article 154
Start Page: 1
ISSN: 2474-9567
DOI: 10.1145/3369819
Keywords: Mobile smartphones, security, decision delegation, older adults
Abstract: The rapid adoption of Smartphone devices has caused increasing security and privacy risks and breaches. Catching up with ever-evolving contemporary smartphone technology challenges leads older adults (aged 50+) to reduce or to abandon their use of mobile technology. To tackle this problem, we present AppMoD, a community-based approach that allows delegation of security and privacy decisions to a trusted social connection, such as a family member or a close friend. The trusted social connection can assist in the appropriate decision or make it on behalf of the user. We implement the approach as an Android app and describe the results of three user studies (n=50 altogether), in which pairs of older adults and family members used the app in a controlled experiment. Using app anomalies as an ongoing case study, we show how delegation improves the accuracy of decisions made by older adults. Also, we show how combining decision-delegation with crowdsourcing can enhance the advice given and improve the decision-making process. Our results suggest that a community-based approach can improve the state of mobile security and privacy.
URL: https://doi.org/10.1145/3369819
Author: Yaakov, Yoav Ben, Wang, Xinrun, Meyer, Joachim and An, Bo
Year of Conference: 2019
Title: Choosing Protection: User Investments in Security Measures for Cyber Risk Management
Conference Name: GameSec 2019: Decision and Game Theory for Security
Publisher: Springer
Pages: 33-44
Date: 23 October 2019
ISBN: 978-3-030-32430-8
DOI: 10.1007/978-3-030-32430-8_3
Proceedings Title: Lecture Notes in Computer Science book series (LNCS, volume 11836).
International Conference on Decision and Game Theory for Security.
Keywords: Decision making; Cyber insurance; Cybersecurity
Abstract: Firewalls, Intrusion Detection Systems (IDS), and cyber-insurance are widely used to protect against cyber-attacks and their consequences. The optimal investment in each of these security measures depends on the likelihood of threats and the severity of the damage they cause, on the user’s ability to distinguish between malicious and non-malicious content, and on the properties of the different security measures and their costs. We present a model of the optimal investment in the security measures, given that the effectiveness of each measure depends partly on the performance of the others. We also conducted an online experiment in which participants classified events as malicious or non-malicious, based on the value of an observed variable. They could protect themselves by investing in a firewall, an IDS or insurance. Four experimental conditions differed in the optimal investment in the different measures. Participants tended to invest preferably in the IDS, irrespective of the benefits from this investment. They were able to identify the firewall and insurance conditions in which investments were beneficial, but they did not invest optimally in these measures. The results imply that users’ intuitive decisions to invest resources in risk management measures are likely to be non-optimal. It is important to develop methods to help users in their decisions.
URL: https://link.springer.com/chapter/10.1007/978-3-030-32430-8_3
Author: Yu, Jiyong, Yan, Mengjia, Khyzha, Artem, Morrison, Adam, Torrellas, Josep and Fletcher, Christopher W.
Year of Conference: 2019
Title: Speculative Taint Tracking (STT): A Comprehensive Protection for Speculatively Accessed Data
Conference Name: MICRO '52: the 52nd Annual IEEE/ACM International Symposium on Microarchitecture
Conference Location: Columbus, OH, USA
Publisher: Association for Computing Machinery
Pages: 954–968
Date: October
Sponsor: SIGMICRO, IEEE CS
DOI: 10.1145/3352460.3358274
Proceedings Title: Proceedings of the 52nd Annual IEEE/ACM International Symposium on Microarchitecture
Keywords: Speculative execution attacks, Security, Information flow, Hardware
Abstract: Speculative execution attacks present an enormous security threat, capable of reading arbitrary program data under malicious speculation, and later exfiltrating that data over microarchitectural covert channels. Since these attacks first rely on being able to read arbitrary data (potential secrets), a conservative approach to defeat all attacks is to delay the execution of instructions that read those secrets, until those instructions become non-speculative.
This paper's premise is that it is safe to execute and selectively forward the results of speculative instructions that read secrets, which improves performance, as long as we can prove that the forwarded results do not reach potential covert channels. We propose a comprehensive hardware protection based on this idea, called Speculative Taint Tracking (STT), capable of protecting all speculatively accessed data.
Our work addresses two key challenges. First, to safely selectively forward secrets, we must understand what instruction(s) can form covert channels. We provide a comprehensive study of covert channels on speculative microarchitectures, and use this study to develop hardware mechanisms that block each class of channel. Along the way, we find new classes of covert channels related to implicit flow on speculative machines. Second, for performance, it is essential to disable protection on previously protected data, as soon as doing so is safe. We identify that the earliest time is when the instruction(s) producing the protected data become non-speculative, and design a novel microarchitecture for disabling protection at this moment.
We provide an extensive formal analysis showing that STT enforces a novel form of non-interference, with respect to all speculatively accessed data. We further evaluate STT on 21 SPEC and 9 PARSEC workloads, and find it adds only 8.5%/14.5% overhead (depending on attack model) relative to an insecure machine, while reducing overhead by 4.7×/18.8× relative to a baseline secure scheme.
URL: https://doi.org/10.1145/3352460.3358274
https://www.cs.tau.ac.il/~mad/publications/micro2019-stt.pdf
Author: Zilberman, Noa and Shavitt, Yuval
Year: 2016
Title: Setting the Foundations for PoP-Based Internet Evolution Models
Journal: arXiv preprint arXiv:1612.04096
URL: https://arxiv.org/abs/1612.04096v2
Author: Zrahia, Aviram
Year: 2018
Title: Threat intelligence sharing between cybersecurity vendors: Network, dyadic, and agent views
Journal: Journal of Cybersecurity
Volume: 4
Issue: 1
Pages: tyy008-tyy008
ISSN: 2057-2085
DOI: 10.1093/cybsec/tyy008
Abstract: Real-time actionable threat intelligence is an emerging defense concept focused on detection and mitigation of cyber threats. The sharing of this information between parties reduces duplication of effort and allows one organization’s detection to become another’s prevention. Although there are deployments of threat intelligence sharing across different sectors, the partnerships formed between vendors in the cybersecurity market space have a significant coopetition attribute. This article aims to improve the understanding of those relationships through an empirical study by answering questions such as the following. What insights can be derived from the network structure formed between the vendors? What are the characteristics of the established relationships? Are there any properties that are common among sharing firms? The research is based on a uniquely coded dataset of vendors and their threat-sharing relationships studied from industry, dyadic, and firm perspectives. The methodology relies on a deductive-reasoning top-down approach and utilizes graph visualization and statistical analysis tools. The key findings are as follows: (i) the cybersecurity industry exhibits a small-world structure associated with communities, suitable for effective intelligence sharing, (ii) the collaborations are characterized by coopetition between loosely integrated complementary solutions, and (iii) the number of threat-sharing relationships of a firm is positively associated with its innovation level; the effect size is nearly three times stronger among publicly traded companies than privately held companies. The article aims to contribute to both domain knowledge and methodology by discussing a distinctive statistical and visual view of the analyzed ecosystem in the context of cyberspace and integrating multidisciplinary theoretical constructs into the researched domain from different study perspectives. 
The results may be used by security vendors, policy decision makers, and regulation authorities to assess the market dynamics, and the methodology and lessons can be generalized and applied to other domains.
URL: http://dx.doi.org/10.1093/cybsec/tyy008
Author: Cohen, Daniel and Baram, Gil
Year: 2018
Title: The use of cyberwarfare in military Influence Operations
Journal: Maa'rachot - IDF Journal
Volume: 480-481
Issue: 64-69
URL: http://maarachot.idf.il/PDF/FILES/4/114324.pdf
Language: Hebrew