Publications

The Blavatnik ICRC prides itself on facilitating interdisciplinary and global cyber scientific research.

The cumulative research outputs of the research funded is listed in ascending alphabetical order.

 

Author: Adamsky, Dmitry

Year: 2017

Title: The Israeli Odyssey toward its National Cyber Security Strategy

Journal: The Washington Quarterly

Volume: 40

Issue: 2

Pages: 113-127

Start Page: 113

Date: 2017/04/03

ISSN: 0163-660X

DOI: 10.1080/0163660X.2017.1328928

URL: http://dx.doi.org/10.1080/0163660X.2017.1328928

 

 

Author: Adamsky, Dmitry

Year: 2018

Title: From Moscow with coercion: Russian deterrence theory and strategic culture

Journal: Journal of Strategic Studies

Volume: 41

Issue: 1-2

Pages: 33-60

Start Page: 33

Date: 2018/02/23

ISSN: 0140-2390

DOI: 10.1080/01402390.2017.1347872

Abstract: ABSTRACT The recent Russian approach to strategy has linked nuclear, conventional and informational (cyber) tools of influence into one integrated mechanism. The article traces the intellectual history of this Russian cross-domain concept, discusses its essence and highlights its destabilising effects. By analysing a case outside of Western strategic thought, it demonstrates how strategic concepts evolve differently in various cultural realms and argues for a tailored approach for exploring coercion policies of different actors. The findings of the study are applicable beyond the Russian case, and relevant to scholars and actors exploring, utilising or responding to cross-domain coercion strategy.

URL: https://doi.org/10.1080/01402390.2017.1347872

 

 

Author: Afek, Yehuda, Bremler-Barr, Anat, Cohen, Edith, Feibish, Shir Landau and Shagam, Michal

Year: 2016

Title: Efficient Distinct Heavy Hitters for DNS DDoS Attack Detection

Journal: arXiv preprint arXiv:1612.02636

URL: https://arxiv.org/abs/1612.02636

 

 

Author: Afek, Yehuda, Bremler-Barr, Anat and Landau-Feibish, Shira

Year: 2019

Title: Zero-Day Signature Extraction for High-Volume Attacks

Journal: IEEE/ACM Transactions on Networking

Volume: 27

Issue: 2

Pages: 691-706

Start Page: 691

ISSN: 1063-6692

DOI: 10.1109/TNET.2019.2899124

Keywords: Computer crime

Tools

Malware

IEEE transactions

Computer science

Grippers

High volume attacks

DDoS

zero-day attacks

signature extraction

heavy hitters

Abstract: We present a basic tool for zero day attack signature extraction. Given two large sets of messages, <inline-formula> <tex-math notation="LaTeX">$P$ </tex-math></inline-formula> the messages captured in the network at peacetime (i.e., mostly legitimate traffic) and <inline-formula> <tex-math notation="LaTeX">$A$ </tex-math></inline-formula> the messages captured during attack time (i.e., contains many attack messages), we present a tool for extracting a set <inline-formula> <tex-math notation="LaTeX">$S$ </tex-math></inline-formula> of strings that are frequently found in <inline-formula> <tex-math notation="LaTeX">$A$ </tex-math></inline-formula> and not in <inline-formula> <tex-math notation="LaTeX">$P$ </tex-math></inline-formula>, thus allowing the identification of the attack packets. This is an important tool in protecting sites on the Internet from worm attacks and distributed denial of service attacks and may also be useful for other problems, including command and control identification and the DNA-sequences analysis. The main contributions of this paper are the system we developed to extract the required signatures together with the string-heavy hitters problem definition and the algorithm for solving this problem. This algorithm finds popular strings of variable length in a set of messages, using, in a tricky way, the classic heavy-hitter algorithm as a building block. The algorithm runs in linear time requiring one-pass over the input. Our system makes use of this algorithm to extract the desired signatures. Furthermore, we provide an extended algorithm which is able to identify groups of signatures, often found together in the same packets, which further improves the quality of signatures generated by our system. Using our system, a yet unknown attack can be detected and stopped within minutes from attack start time.

URL: https://ieeexplore.ieee.org/abstract/document/8661792

https://doi.org/10.1109/TNET.2019.2899124

 

 

Title: Maintaining the Union of Unit Discs under Insertions with Near-Optimal Overhead

Journal: arXiv preprint arXiv:1903.10943

Abstract: We present efficient data structures for problems on unit discs and arcs of their boundary in the plane. (i) We give an output-sensitive algorithm for the dynamic maintenance of the union of n unit discs under insertions in O(klog2n) update time and O(n) space, where k is the combinatorial complexity of the structural change in the union due to the insertion of the new disc. (ii) As part of the solution of (i) we devise a fully dynamic data structure for the maintenance of lower envelopes of pseudo-lines, which we believe is of independent interest. The structure has O(log2n) update time and O(logn) vertical ray shooting query time. To achieve this performance, we devise a new algorithm for finding the intersection between two lower envelopes of pseudo-lines in O(logn) time, using \emph{tentative} binary search; the lower envelopes are special in that at x=−∞ any pseudo-line contributing to the first envelope lies below every pseudo-line contributing to the second envelope. (iii) We also present a dynamic range searching structure for a set of circular arcs of unit radius (not necessarily on the boundary of the union of the corresponding discs), where the ranges are unit discs, with O(nlogn) preprocessing time, O(n1/2+ε+ℓ) query time and O(log2n) amortized update time, where ℓ is the size of the output and for any ε>0. The structure requires O(n) storage space.

URL: https://arxiv.org/abs/1903.10943

 

 

Author: Agarwal, Pankaj K., Cohen, Ravid, Halperin, Dan and Mulzer, Wolfgang

Year: 2019

Title: Dynamic Maintenance of the Lower Envelope of Pseudo-Lines

Conference Name: CoRR European conference on Computational Geometry

Volume: abs/1902.09565

Date: /

URL: http://arxiv.org/abs/1902.09565

 

 

Author: Akavia, Adi, Leibovich, Max, Resheff, Yehezkel S, Ron, Roey, Shahar, Moni and Vald, Margarita

Year: 2019

Title: Privacy-Preserving Decision Tree Training and Prediction against Malicious Server

Journal: ACR Cryptology ePrint report 2019/1282

Abstract: Privacy-preserving machine learning enables secure outsourcing of machine learning tasks to an untrusted service provider (server) while preserving the privacy of the user's data (client). Attaining good concrete efficiency for complicated machine learning tasks, such as training decision trees, is one of the challenges in this area. Prior works on privacy-preserving decision trees required the parties to have comparable computational resources, and instructed the client to perform computation proportional to the complexity of the entire task. In this work we present new protocols for privacy-preserving decision trees, for both training and prediction, achieving the following desirable properties: 1. Efficiency: the client's complexity is independent of the training-set size during training, and of the tree size during prediction. 2. Security: privacy holds against malicious servers. 3. Practical usability: high accuracy, fast prediction, and feasible training demonstrated on standard UCI datasets, encrypted with fully homomorphic encryption. To the best of our knowledge, our protocols are the first to offer all these properties simultaneously. The core of our work consists of two technical contributions. First, a new low-degree polynomial approximation for functions, leading to faster protocols for training and prediction on encrypted data. Second, a design of an easy-to-use mechanism for proving privacy against malicious adversaries that is suitable for a wide family of protocols, and in particular, our protocols; this mechanism could be of independent interest.

Research Notes: 911

URL: ia.cr/2019/1282

https://eprint.iacr.org/2019/1282.pdf

 

 

Author: Akavia, Adi, Shaul, Hayim, Weiss, Mor and Yakhini, Zohar

Year: 2019

Title: Linear-Regression on Packed Encrypted Data in the Two-Server Model

Conference Name: WAHC'19: 7th ACM Workshop on Encrypted Computing & Applied Homomorphic Cryptography

Conference Location: London, United Kingdom

Publisher: Association for Computing Machinery

Pages: 21–32

Date: November

DOI: 10.1145/3338469.3358942

Keywords: homomorphic encryption, privacy-preserving machine learning, rlwe, packing, linear regression, single instruction multiple data

Abstract: Developing machine learning models from federated training data, containing many independent samples, is an important task that can significantly enhance the potential applicability and prediction power of learned models. Since single users, like hospitals or individual labs, typically collect data-sets that do not support accurate learning with high confidence, it is desirable to combine data from several users without compromising data privacy. In this paper, we develop a privacy-preserving solution for learning a linear regression model from data collectively contributed by several parties ("data owners''). Our protocol is based on the protocol of Giacomelli et al. (ACNS 2018) that utilized two non colluding servers and Linearly Homomorphic Encryption (LHE) to learn regularized linear regression models. Our methods use a different LHE scheme that allows us to significantly reduce both the number and runtime of homomorphic operations, as well as the total runtime complexity. Another advantage of our protocol is that the underlying LHE scheme is based on a different (and post-quantum secure) security assumption than Giacomelli et al. Our approach leverages the Chinese Remainder Theorem, and Single Instruction Multiple Data representations, to obtain our improved performance. For a 1000 x 40 linear regression task we can learn a model in a total of 3 seconds for the homomorphic operations, compared to more than 100 seconds reported in the literature. Our approach also scales up to larger feature spaces: we implemented a system that can handle a 1000 x 100 linear regression task, investing minutes of server computing time after a more significant offline pre-processing by the data owners. We intend to incorporate our protocol and implementations into a comprehensive system that can handle secure federated learning at larger scales.

URL: https://doi.org/10.1145/3338469.3358942

 

 

Author: Alon, Noga, Azar, Yossi and Berlin, Mark

Year of Conference: 2018

Title: The Price of Bounded Preemption

Conference Name: Proceedings of the 30th on Symposium on Parallelism in Algorithms and Architectures

Publisher: ACM

Pages: 301-310

ISBN: 1450357997

URL: https://www.tau.ac.il/~nogaa/PDFS/preemption1.pdf

 

 

Author: Amar, Hen, Bao, Lingfeng, Busany, Nimrod, Lo, David and Maoz, Shahar

Year: 2018

Title: Using finite-state models for log differencing

Conference Name: Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering

Conference Location: Lake Buena Vista, FL, USA

Publisher: ACM

Pages: 49-59

DOI: 10.1145/3236024.3236069

Place Published: 3236069

 

 

Author: Amir, Eli, Levi, Shai and Livne, Tsafrir

Year: 2018

Title: Do firms underreport information on cyber-attacks? Evidence from capital markets

Journal: Review of Accounting Studies

Volume: 23

Issue: 3

Pages: 1177-1206

Start Page: 1177

Date: September 01

Type of Article: journal article

ISSN: 1573-7136

DOI: 10.1007/s11142-018-9452-4

Abstract: Firms should disclose information on material cyber-attacks. However, because managers have incentives to withhold negative information, and investors cannot discover most cyber-attacks independently, firms may underreport them. Using data on cyber-attacks that firms voluntarily disclosed, and those that were withheld and later discovered by sources outside the firm, we estimate the extent to which firms withhold information on cyber-attacks. We find withheld cyber-attacks are associated with a decline of approximately 3.6% in equity values in the month the attack is discovered, and disclosed attacks with a substantially lower decline of 0.7%. The evidence is consistent with managers not disclosing negative information below a certain threshold and withholding information on the more severe attacks. Using the market reactions to withheld and disclosed attacks, we estimate that managers disclose information on cyber-attacks when investors already suspect a high likelihood (40%) of an attack.

URL: https://doi.org/10.1007/s11142-018-9452-4

 

 

Author: Applebaum, Benny and Arkis, Barak

Year of Conference: 2018

Title: On the power of amortization in secret sharing: d-uniform secret sharing and CDS with constant information rate

Conference Name: TCC Theory of Cryptography Conference

Conference Location: Panaji, India

Publisher: Springer

Pages: 317-344

DOI: https://doi.org/10.1007/978-3-030-03807-6_12

 

 

Author: Applebaum, Benny, Holenstein, Thomas, Mishra, Manoj and Shayevitz, Ofer

Year of Conference: 2018

Title: The Communication Complexity of Private Simultaneous Messages, Revisited

Editor: Nielsen, Jesper Buus and Rijmen, Vincent

Conference Name: Advances in Cryptology–EUROCRYPT 2018: 37th Annual International Conference on the Theory and Applications of Cryptographic Techniques

Conference Location: Tel Aviv, Israel

Publisher: Springer

Volume: 10821

Pages: 261

Series Title: Lecture Notes in Computer Science

Date: April 29-May 3

ISBN: 3319783750

URL: https://www.springer.com/gp/book/9783319783802

 

 

 

Author: Applebaum, Benny, Holenstein, Thomas, Mishra, Manoj and Shayevitz, Ofer

Year: 2019

Title: The communication complexity of private simultaneous messages, revisited

Journal: Journal of Cryptology

Pages: 1-37

Date: 17 September

ISSN: 1432-1378

Keywords: Information theoretic security; Private simultaneous messages; Conditional disclosure of secrets

Abstract: Private Simultaneous Message (PSM) protocols were introduced by Feige, Kilian and Naor (STOC ’94) as a minimal non-interactive model for information-theoretic three-party secure computation. While it is known that every function   f:{0,1}k×{0,1}k→{0,1}  admits a PSM protocol with exponential communication of   2k/2  (Beimel et al., TCC ’14), the best known (non-explicit) lower-bound is   3k−O(1)  bits. To prove this lower-bound, FKN identified a set of simple requirements, showed that any function that satisfies these requirements is subject to the   3k−O(1)  lower-bound, and proved that a random function is likely to satisfy the requirements.

We revisit the FKN lower-bound and prove the following results:

(Counterexample) We construct a function that satisfies the FKN requirements but has a PSM protocol with communication of   2k+O(1)  bits, revealing a gap in the FKN proof.

(PSM lower-bounds) We show that, by imposing additional requirements, the FKN argument can be fixed leading to a   3k−O(logk)  lower-bound for a random function. We also get a similar lower-bound for a function that can be computed by a polynomial-size circuit (or even polynomial-time Turing machine under standard complexity-theoretic assumptions). This yields the first non-trivial lower-bound for an explicit Boolean function partially resolving an open problem of Data, Prabhakaran and Prabhakaran (Crypto ’14, IEEE Information Theory ’16). We further extend these results to the setting of imperfect PSM protocols which may have small correctness or privacy error.

 

(CDS lower-bounds) We show that the original FKN argument applies (as is) to some weak form of PSM protocols which are strongly related to the setting of Conditional Disclosure of Secrets (CDS). This connection yields a simple combinatorial criterion for establishing linear   Ω(k) -bit CDS lower-bounds. As a corollary, we settle the complexity of the Inner Product predicate resolving an open problem of Gay, Kerenidis, and Wee (Crypto ’15).

Notes: We are grateful to the reviewers of Eurocrypt 2018 and the Journal of Cryptology for the helpful and valuable comments on our manuscript. We especially thank the anonymous JOC referee for detecting a flaw in the original proof of Claims 9 and 13. BA and MM are supported by the European Union’s Horizon 2020 Programme (ERC-StG-2014-2020) under grant agreement no. 639813 ERC-CLC, the Check Point Institute for Information Security, and the Blavatnik Interdisciplinary Cyber Research Center. OS and MM are supported by the European Research Council, under Grant Agreement 639573.

URL: https://doi.org/10.1007/s00145-019-09334-y

 

 

Author: Arad, Ayala and Penczynski, Stefan

Year: 2018

Title: Multi‐Dimensional Reasoning in Competitive Resource Allocation Games: Evidence from Intra-Team Communication

Conference Name: Society for the Advancement of Behavioral Economics (SABE) - International Association for Research in Economic Psychology (IAREP) Conference

Conference Location: London

Date: July 20

URL: https://economics.mdx.ac.uk/sabe-2018/program/#papers

 

 

Author: Arad, Ayala and Rubinstein, Ariel

Year: 2019

Title: Multidimensional Reasoning in Games: Framework, Equilibrium, and Applications

Journal: American Economic Journal: Microeconomics

Volume: 11

Issue: 3

Pages: 285-318

Start Page: 285

ISSN: 1945-7669

1945-7685

DOI: 10.1257/mic.20170322

URL: http://www.aeaweb.org/articles?id=10.1257/mic.20170322

https://m.tau.ac.il/~aradayal/MD.pdf

 

 

Author: Atias, Aviel, Solovey, Kiril, Salzman, Oren and Halperin, Dan

Year: 2018

Title: Effective metrics for multi-robot motion-planning

Journal: The International Journal of Robotics Research

Volume: 37

Issue: 13-14

Pages: 1741-1759

Start Page: 1741

Date: 2018/12/01

ISSN: 0278-3649

DOI: 10.1177/0278364918784660

Abstract: We study the effectiveness of metrics for multi-robot motion-planning (MRMP) when using rapidly-exploring random tree (RRT)-style sampling-based planners. These metrics play the crucial role of determining the nearest neighbors of configurations and in that they regulate the connectivity of the underlying roadmaps produced by the planners and other properties such as the quality of solution paths. After screening over a dozen different metrics we focus on the five most promising ones: two more traditional metrics, and three novel ones, which we propose here, adapted from the domain of shape-matching. In addition to the novel multi-robot metrics, a central contribution of this work are tools to analyze and predict the effectiveness of metrics in the MRMP context. We identify a suite of possible substructures in the configuration space, for which it is fairly easy: (i) to define a so-called natural distance that allows us to predict the performance of a metric, which is done by comparing the distribution of its values for sampled pairs of configurations to the distribution induced by the natural distance; and (ii) to define equivalence classes of configurations and test how well a metric covers the different classes. We provide experiments that attest to the ability of our tools to predict the effectiveness of metrics: those metrics that qualify in the analysis yield higher success rate of the planner with fewer vertices in the roadmap. We also show how combining several metrics together may lead to better results (success rate and size of roadmap) than using a single metric.

URL: https://doi.org/10.1177/0278364918784660

Access Date: 2020/03/19

 

 

Author: Aviram, Nimrod, Schinzel, Sebastian, Somorovsky, Juraj, Heninger, Nadia, Dankel, Maik, Steube, Jens, Valenta, Luke, Adrian, David, Halderman, J Alex and Dukhovni, Viktor

Year of Conference: 2016

Title: DROWN: Breaking TLS Using SSLv2

Conference Name: USENIX Security Symposium

Pages: 689-706

URL: https://ai.google/research/pubs/pub45538

https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/aviram

 

 

Author: Azar, Yossi, Chiplunkar, Ashish and Kaplan, Haim

Year of Conference: 2018

Title: Prophet secretary: Surpassing the 1-1/e barrier

Conference Name: Proceedings of the 2018 ACM Conference on Economics and Computation

Publisher: ACM

Pages: 303-318

ISBN: 1450358292

DOI: https://doi.org/10.1145/3219166.3219182

URL: https://arxiv.org/pdf/1711.01834

 

 

Author: Azar, Yossi, Cohen, Ilan Reuven and Panigrahi, Debmalya

Year of Conference: 2018

Title: Randomized algorithms for online vector load balancing

Conference Name: Proceedings of the Twenty-Ninth Annual ACM-SIAM Symposium on Discrete Algorithms

Publisher: Society for Industrial and Applied Mathematics

Pages: 980-991

ISBN: 1611975034

URL: https://dl.acm.org/citation.cfm?id=3175333

https://www.dcs.warwick.ac.uk/~czumaj/SODA_2018_List_of_accepted_papers.htm

 

 

Author: Azar, Yossi, Kamara, Seny, Menache, Ishai, Raykova, Mariana and Shepard, Bruce

Year: 2014

Title: Co-Location-Resistant Clouds

Conference Name: Proceedings of the 6th ACM Workshop on Cloud Computing Security

Conference Location: Scottsdale, Arizona, USA

Publisher: ACM

Pages: 9-20

DOI: 10.1145/2664168.2664179

URL: https://dl.acm.org/citation.cfm?id=2664179

 

 

Author: Azar, Yossi and Vainstein, Danny

Year of Conference: 2017

Title: Tight bounds for clairvoyant dynamic bin packing

Conference Name: Proceedings of the 29th ACM Symposium on Parallelism in Algorithms and Architectures

Publisher: ACM

Pages: 77-86

ISBN: 145034593X

DOI: https://doi.org/10.1145/3087556.3087570

URL: https://dl.acm.org/citation.cfm?id=3087570

 

 

Author: Bao, Lingfeng, Busany, Nimrod, Lo, David and Maoz, Shahar

Year of Conference: 2019

Title: Statistical Log Differencing

Conference Name: 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE)

Pages: 851-862

Date: 11-15 Nov. 2019

ISBN: 2643-1572

DOI: 10.1109/ASE.2019.00084

Keywords: program testing

statistical testing

system monitoring

statistical log differencing

statistical hypothesis testing

statistical significance value

statistically significant differences

real-world logs

software evolution

software testing

software security

s2KDiff

snKDiff

Log analysis

Model inference

Abstract: Recent works have considered the problem of log differencing: given two or more system's execution logs, output a model of their differences. Log differencing has potential applications in software evolution, testing, and security. In this paper we present statistical log differencing, which accounts for frequencies of behaviors found in the logs. We present two algorithms, s2KDiff for differencing two logs, and snKDiff, for differencing of many logs at once, both presenting their results over a single inferred model. A unique aspect of our algorithms is their use of statistical hypothesis testing: we let the engineer control the sensitivity of the analysis by setting the target distance between probabilities and the statistical significance value, and report only (and all) the statistically significant differences. Our evaluation shows the effectiveness of our work in terms of soundness, completeness, and performance. It also demonstrates its effectiveness compared to previous work via a user-study and its potential applications via a case study using real-world logs.

URL: https://ieeexplore.ieee.org/document/8952205

 

 

Author: Baram, Gil, Cohen, Daniel, Shapira, Zeev, Wechsler, Omree, Hight, Nir and Ben-Israel, Isaac

Year: 2018

Title: Strategic trends in the global cyber conflict

Journal: Cyber Security: A Peer-Reviewed Journal

Volume: 2

Issue: 3

Pages: 238-250

Keywords: cyber security

China

Europe

conflict

United States

Russia

Abstract: The paper reviews the main strategic trends in cyber policy and security in recent years, pointing out the emergence of a new &#8216;cyber escalation cycle&#8217;: while states are investing significant resources to improve their offensive cyber capabilities, these capabilities are subsequently being stolen, publicised and used by hostile countries to launch devastating cyberattacks. This has led governments to pursue legislation to control incoming technology, changing the technological relations between countries. Given the development of enhanced cyber capabilities and the effectiveness of the attacks, we believe that leakage followed by immediate use of the leaked offensive cyber weapons against rival countries will only increase, making this issue even more contentious.

URL: https://www.ingentaconnect.com/content/hsp/jcs/2018/00000002/00000003/art00006

 

 

Author: Baram, Gil and Sommer, Udi

Year of Conference: 2019

Title: Covert or not Covert: National Strategies During Cyber Conflict

Conference Name: 2019 11th International Conference on Cyber Conflict (CyCon)

Conference Location: Tallinn, Estonia

Publisher: IEEE

Volume: 900

Pages: 1-16

Date: 28-31 May

ISBN: 2325-5366   978-9949-9904-5-0

DOI: 10.23919/CYCON.2019.8756682

Keywords: computer crime

data privacy

decision making

organisational aspects

covertness

cyber conflict

international arena

cyber operations

real-world cyber attacks

covert actions

national cyber strategies

Abstract: Anonymity is considered to be a key characteristic of cyber conflict. Indeed, existing accounts in the literature focus on the advantages of the non-disclosure of cyber attacks. Such focus inspires the expectation that countries would opt to maintain covertness. This hypothesis is rejected in an empirical investigation we conducted on victims' strategies during cyber conflict: in numerous cases, victim states choose to publicly reveal the fact that they had been attacked. These counterintuitive findings are important empirically, but even more so theoretically. They motivate an investigation into the decision to forsake covertness. What does actually motivate states to move into the international arena and publicly expose a cyber attack? The goal of this paper is to understand why and under which geopolitical circumstances countries choose to give up the advantages of anonymity. Whether they wish to Name and Shame opponents for ignoring international norms or whether they try to avoid public humiliation, victims of cyber attacks occasionally reveal the fact that they had been attacked. There is tension between such motivations and the will to protect intelligence sources and the incentives to prevent escalation if an attack is revealed, even more so if the attacker is exposed. Indeed, we find that sunk costs, counter-escalation risks and the need to signal resolve-while critical in motivating victims to keep cyber attacks secret-may not suffice under such specific circumstances. By focusing on the victim's side, we draw inspiration from data on real-world cyber attacks in order to place cyber operations in the larger context of secrecy and covert actions in the international arena. In so doing, the aim is to advance the use of empirical data for understanding the dynamics of cyber conflict and the decision-making process of states operating in this increasingly complex domain.

URL: https://ieeexplore.ieee.org/abstract/document/8756682

 

 

Author: Barzilay, Ohad, Geva, Hilah, Goldstein, Anat and Oestreicher-Singer, Gal

Year of Conference: 2018

Title: Open to Everyone? The Long Tail of the Peer Economy: Evidence from Kickstarter

Conference Name: 39th International Conference on Information Systems

Publisher: AIS

URL: https://aisel.aisnet.org/cgi/viewcontent.cgi?article=1045&context=icis2018

 

 

Author: Barzilay, Ohad, Geva, Hilah, Goldstein, Anat and Oestreicher-Singer, Gal

Year: 2018

Title: Equal Opportunity for All? The Long Tail of Crowdfunding: Evidence From Kickstarter

Journal: SSRN Electronic Journal

URL: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3215280

 

 

Author: Bermanis, Amit, Wolf, Guy and Averbuch, Amir

Year: 2016

Title: Diffusion-based kernel methods on Euclidean metric measure spaces

Journal: Applied and Computational Harmonic Analysis

Volume: 41

Issue: 1

Pages: 190-213

Start Page: 190

ISSN: 1063-5203

DOI: http://dx.doi.org/10.1016/j.acha.2015.07.005

Abstract: Diffusion-based kernel methods are commonly used for analyzing massive high dimensional datasets. These methods utilize a non-parametric approach to represent the data by using an affinity kernel that represents similarities, distances or correlations between data points. The kernel is based on a Markovian diffusion process, whose transition probabilities are determined by local distances between data points. Spectral analysis of this kernel provides a representation of the data, where Euclidean distances correspond to diffusion distances between data points. When the data lies on a low dimensional manifold, these diffusion distances encompass the geometry of the manifold. In this paper, we present a generalized approach for defining diffusion-based kernels by incorporating measure-based information, which represents the density or distribution of the data, together with its local distances. The generalized construction does not require an underlying manifold to provide a meaningful kernel interpretation but assumes a more relaxed assumption that the measure and its support are related to a locally low dimensional nature of the analyzed phenomena. This kernel is shown to satisfy the necessary spectral properties that are required in order to provide a low dimensional embedding of the data. The associated diffusion process is analyzed via its infinitesimal generator and the provided embedding is demonstrated in two geometric scenarios.

URL: http://dx.doi.org/10.1016/j.acha.2015.07.005

 

 

Record Number: 48

Author: Birnhack, Michael

Year: 2018

Title: הגנה על הפרטיות בעיר הדיגיטלית

Editor: Hatuka, Tali

Book Title: העיר בעידן הדיגיטלי

Pages: 56-85

URL: https://ssrn.com/abstract=3291383

 

 

 

Author: Birnhack, Michael, Toch, Eran and Hadar, Irit

Year: 2014

Title: Privacy Mindset, Technological Mindset

Journal: Jurimetrics

Volume: 55

Issue: 1

Pages: 55-114

ISSN: 08971277, 21544344

Legal Note: Full publication date: FALL 2014

Abstract: [Policymakers around the world constantly search for new tools to address growing concerns about informational privacy (data protection). One solution that has gained support in recent years among policy makers is Privacy by Design (PbD). The idea is simple: think of privacy ex ante, and embed privacy within the design of a new technological system, rather than try to fix it ex post, when it is often too late. However, PbD is yet to gain an active role in engineering practices. Thus far, there are only a few success stories. This article argues that a major obstacle for PbD is the discursive and conceptual gap between law and technology. A better diagnosis of the gaps between the legal and technological perceptions of privacy is a crucial step in seeking viable solutions. We juxtapose the two fields by reading each field in terms of the other: (1) by reverse engineering the law to expose its hidden assumptions about technology (the law's technological mindset), and (2) by reading canonical technological texts to expose their hidden assumptions about privacy (technology's privacy mindset). This article's focus is on one set of informational privacy practices: the large corporation that collects data from individual data subjects. This dual reverse engineering exercise indicates substantial gaps between the legal perception of informational privacy, as reflected in the set of principles commonly known as Fair Information Practice Principles (FIPPs) and the perceptions of the engineering community. While both information technology and privacy law attempt to regulate the flow of data, they do so in utterly different ways, holding different goals and applying different constraints. The gaps between law and technology point to potential avenues to save PbD.]

URL: http://www.jstor.org/stable/24395620

 

 

Author: Busany, Nimrod, Maoz, Shahar and Yulazari, Y.

Year of Conference: 2019

Title: Size and Accuracy in Model Inference

Conference Name: 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE)

Pages: 887-898

Date: 11-15 Nov. 2019

ISBN: 2643-1572

DOI: 10.1109/ASE.2019.00087

Keywords: finite state machines

inference mechanisms

finite-state models

execution logs

classic k-Tails model inference algorithm

mk-Tails

fine-grained control

real-world logs

Log analysis

Model inference

Abstract: Many works infer finite-state models from execution logs. Large models are more accurate but also more difficult to present and understand. Small models are easier to present and understand but are less accurate. In this work we investigate the tradeoff between model size and accuracy in the context of the classic k-Tails model inference algorithm. First, we define mk-Tails, a generalization of k-Tails from one to many parameters, which enables fine-grained control over the tradeoff. Second, we extend mk-Tails with a reduction based on past-equivalence, which effectively reduces the size of the model without decreasing its accuracy. We implemented our work and evaluated its performance and effectiveness on real-world logs as well as on models and generated logs from the literature.

Research Notes: 879

URL: https://ieeexplore.ieee.org/document/8952335

 

 

Author: Carmon, Elad, Seifert, Jean-Pierre and Wool, Avishai

Year of Conference: 2017

Title: Photonic side channel attacks against RSA

Conference Name: 2017 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)

Conference Location: McLean, VA, USA

Publisher: IEEE

Pages: 74-78

Date: 1-5 May 2017

DOI: 10.1109/HST.2017.7951801

Keywords: public key cryptography

photonic side channel attacks

public-key cryptosystem

RSA modular exponentiation

Karatsuba multiplication method

decryption

Montgomery's ladder

word length 2048 bit

word length 1024 bit

word length 32 bit

word length 64 bit

Photonics

Random access memory

Monitoring

Integrated circuits

Transistors

Cryptography

Abstract: This paper describes the first attack utilizing the photonic side channel against a public-key crypto-system. We evaluated three common implementations of RSA modular exponentiation, all using the Karatsuba multiplication method. We discovered that the key length had marginal impact on resilience to the attack: attacking a 2048-bit key required only 9% more decryption attempts than a 1024-bit key. We found that the most dominant parameter impacting the attacker's effort is the minimal block size at which the Karatsuba method reverts to naive multiplication: even for parameter values as low as 32 or 64 bits our attacks achieve 100% success rate with under 10,000 decryption operations. Somewhat surprisingly, we discovered that Montgomery's Ladder-commonly perceived as the most resilient of the three implementations to side-channel attacks-was actually the most susceptible: for 2048-bit keys, our attack reveals 100% of the secret key bits with as few as 4000 decryptions.

URL: https://ieeexplore.ieee.org/abstract/document/7951801

 

 

Author: Cohen, Ran, Haitner, Iftach, Makriyannis, Nikolaos, Orland, Matan and Samorodnitsky, Alex

Year: 2019

Title: On the round complexity of randomized Byzantine agreement

Conference Name: DISC 2019: 33rd International Symposium on Distributed Computing

Conference Location: Budapest, Hungary

Date: October

Type: arXiv preprint arXiv:1907.11329

DOI: 10.4230/LIPIcs.DISC.2019.12

Research Notes: 877

URL: http://www.cs.tau.ac.il/~iftachh/papers/ByzAgmntLB/BA_Full.pdf

http://www.dagstuhl.de/dagpub/978-3-95977-126-9

https://drops.dagstuhl.de/opus/volltexte/2019/11319/pdf/LIPIcs-DISC-2019-12.pdf

 

 

Author: Cohen, Ravid, Yovel, Yossi and Halperin, Dan

Year: 2019

Title: Sensory regimes of effective distributed searching without leaders

Journal: arXiv preprint arXiv:1904.02895

URL: https://arxiv.org/pdf/1904.02895

 

 

Author: Demchak, Chris C and Shavitt, Yuval

Year: 2018

Title: China’s Maxim–Leave No Access Point Unexploited: The Hidden Story of China Telecom’s BGP Hijacking

Journal: Military Cyber Affairs

Volume: 3

Issue: 1

Pages: 7

ISSN: 2378-0789

URL: https://doi.org/10.5038/2378-0789.3.1.1050

 

 

Author: Deutch, Daniel, Moskovitch, Yuval and Rinetzky, Noam

Year of Conference: 2018

Title: Towards Hypothetical Reasoning via Provenance Abstraction

Conference Name: EDBT'18

URL: https://www.cs.tau.ac.il/~moskovitch1/docs/edbt18.pdf

 

 

Author: Deutsch, Lior and Horn, David

Year: 2018

Title: The Weight-Shape decomposition of density estimates: A framework for clustering and image analysis algorithms

Journal: Pattern Recognition

Volume: 81

Pages: 190-199

Date: 2018/09/01/

ISSN: 0031-3203

DOI: https://doi.org/10.1016/j.patcog.2018.03.034

Keywords: Density estimate

Quantum clustering

Mean-shift clustering

Maximum entropy

Image contour extraction

Abstract: We propose an analysis scheme which addresses the Parzen-window and mixture model methods for estimating the probability density function of data points in feature space. Both methods construct the estimate as a sum of kernel functions (usually Gaussians). By adding an entropy-like function we prove that the probability distribution is a product of a weight function and a shape distribution. This Weight-Shape decomposition leads to new interpretations of established clustering algorithms. Furthermore, it suggests the construction of three different clustering schemes, which are based on gradient-ascent flow of replica points in feature space. Two of these are Quantum Clustering and the Mean-Shift algorithm. The third algorithm is based on maximal-entropy. In our terminology they become Maximal Shape Clustering, Maximal Probability Clustering and Maximal Weight Clustering, correspondingly. We demonstrate the different methods and compare them to each other on one artificial example and two natural data sets. We also apply the Weight-Shape decomposition to image analysis. The shape distribution acts as an edge detector. It serves to generate contours, as demonstrated on face images. Furthermore, it allows for defining a convolutional Shape Filter.

URL: http://www.sciencedirect.com/science/article/pii/S0031320318301249

 

 

Author: Faisal, Mustafa, Cardenas, Alvaro A and Wool, Avishai

Year of Conference: 2016

Title: Modeling Modbus TCP for intrusion detection

Conference Name: Communications and Network Security (CNS), 2016 IEEE Conference

Conference Location: Philadelphia, PA

Publisher: IEEE

Pages: 386-390

Date: Oct. 17-19

ISBN: 1509030654

DOI: 10.1109/CNS.2016.7860524

Keywords: computer network security

deterministic automata

Markov processes

SCADA systems

telecommunication channels

transport protocols

Modbus TCP modeling

intrusion detection

deterministic finite automata

DFA

DTMC

discrete time Markov chain

SCADA

supervisory control and data acquisition system

configuration-level specification

specification-based approach

Protocols

Data models

Conferences

Communication channels

Buildings

 

Abstract: DFAs (Deterministic Finite Automata) and DTMCs (Discrete Time Markov Chain) have been proposed for modeling Modbus/TCP for intrusion detection in SCADA (Supervisory Control and Data Acquisition) systems. While these models can be used to learn the behavior of the system, they require the designer to know the appropriate amount of training data for building the model, to retrain models when configuration changes, and to generate understandable alert messages. In this paper, we propose to complement these learned models with the specification approaches. To build a robust model, we need to consider configuration-level specifications in addition to protocol specification. As Modbus/TCP is a simple protocol with handful function code(s) or commands for each communication channel, designing a specification-based approach is suitable for monitoring this communication. We do a comparison of DFA and DTMC approaches in two datasets and illustrate how to use our inferred specification to complement these models.

URL: https://ieeexplore.ieee.org/abstract/document/7860524

 

 

Author: Feder, Amir, Gandal, Neil, Hamrick, J. T. and Moore, Tyler

Year: 2017

Title: The impact of DDoS and other security shocks on Bitcoin currency exchanges: evidence from Mt. Gox

Journal: Journal of Cybersecurity

Volume: 3

Issue: 2

Pages: 137-144

Start Page: 137

ISSN: 2057-2085

DOI: 10.1093/cybsec/tyx012

Abstract: We investigate how distributed denial-of-service (DDoS) attacks and other disruptions affect the Bitcoin ecosystem. In particular, we investigate the impact of shocks on trading activity at the leading Mt. Gox exchange between April 2011 and November 2013. We find that following DDoS attacks on Mt. Gox, the number of large trades on the exchange fell sharply. In particular, the distribution of the daily trading volume becomes less skewed (fewer big trades) and had smaller kurtosis on days following DDoS attacks. The results are robust to alternative specifications, as well as to restricting the data to activity prior to March 2013, i.e., the period before the first large appreciation in the price of and attention paid to Bitcoin.

URL: http://dx.doi.org/10.1093/cybsec/tyx012

 

 

Author: Feibish, Shir Landau, Afek, Yehuda, Bremler-Barr, Anat, Cohen, Edith and Shagam, Michal

Year of Conference: 2017

Title: Mitigating DNS random subdomain DDoS attacks by distinct heavy hitters sketches

Conference Name: Proceedings of the fifth ACM/IEEE Workshop on Hot Topics in Web Systems and Technologies

Conference Location: San Jose, CA, USA

Publisher: ACM

Pages: 8

ISBN: 1450355277

URL: https://dl.acm.org/citation.cfm?id=3132474

https://hotweb2017.github.io/program.html

 

 

Author: Feldman, Yotam MY, Enea, Constantin, Morrison, Adam, Rinetzky, Noam and Shoham, Sharon

Year: 2018

Title: Order out of chaos: Proving linearizability using local views

Periodical Title: arXiv preprint arXiv:1805.03992

Abstract: Proving the linearizability of highly concurrent data structures, such as those using optimistic concurrency control, is a challenging task. The main difficulty is in reasoning about the view of the memory obtained by the threads, because as they execute, threads observe different fragments of memory from different points in time. Until today, every linearizability proof has tackled this challenge from scratch.

We present a unifying proof argument for the correctness of unsynchronized traversals, and apply it to prove the linearizability of several highly concurrent search data structures, including an optimistic self-balancing binary search tree, the Lazy List and a lock-free skip list. Our framework harnesses {\em sequential reasoning} about the view of a thread, considering the thread as if it traverses the data structure without interference from other operations. Our key contribution is showing that properties of reachability along search paths can be deduced for concurrent traversals from such interference-free traversals, when certain intuitive conditions are met. Basing the correctness of traversals on such \emph{local view arguments} greatly simplifies linearizability proofs.

To apply our framework, the user proves that the data structure satisfies two conditions: (1) acyclicity of the order on memory, even when it is considered across intermediate memory states, and (2) preservation of search paths to locations modified by interfering writes. Establishing the conditions, as well as the full linearizability proof utilizing our proof argument, reduces to simple concurrent reasoning. The result is a clear and comprehensible correctness proof, and elucidates common patterns underlying several existing data structures.

URL: https://arxiv.org/abs/1805.03992

http://www.cs.tau.ac.il/research/yotam.feldman/papers/disc18/disc18.pdf

 

 

Author: Gandal, Neil, Hamrick, J. T., Moore, Tyler and Oberman, Tali

Year: 2018

Title: Price manipulation in the Bitcoin ecosystem

Journal: Journal of Monetary Economics

Volume: 95

Pages: 86-96

Start Page: 86

Date: 2018/05/01/

ISSN: 0304-3932

DOI: https://doi.org/10.1016/j.jmoneco.2017.12.004

Keywords: Bitcoin

Cryptocurrencies

Fraud

Exchange rate manipulation

Abstract: To its proponents, the cryptocurrency Bitcoin offers the potential to disrupt payment systems and traditional currencies. It has also been subject to security breaches and wild price fluctuations. This paper identifies and analyzes the impact of suspicious trading activity on the Mt. Gox Bitcoin currency exchange, in which approximately 600,000 bitcoins (BTC) valued at $188 million were fraudulently acquired. During both periods, the USD-BTC exchange rate rose by an average of four percent on days when suspicious trades took place, compared to a slight decline on days without suspicious activity. Based on rigorous analysis with extensive robustness checks, the paper demonstrates that the suspicious trading activity likely caused the unprecedented spike in the USD-BTC exchange rate in late 2013, when the rate jumped from around $150 to more than $1,000 in two months.

URL: http://www.sciencedirect.com/science/article/pii/S0304393217301666

 

 

Author: Geva, Hilah, Barzilay, Ohad and Oestreicher-Singer, Gal

Year of Conference: 2017

Title: A Potato Salad with a Lemon Twist: Using Supply-Side Shocks to Study the Impact of Low-Quality Actors on Crowdfunding Platforms

Conference Name: ICIS 2017 38th International Conference on Information Systems

Conference Location: Seoul, South Korea

Publisher: Association for Information Systems (AIS)

Date: December 10-13

ISBN: 978-0-9966831-5-9

Abstract: Crowdfunding platforms are open peer-to-peer two-sided markets that enable amateur entrepreneurs to raise money for their ventures. However, such markets are at risk of being flooded with low-quality offerings, a situation that might be detrimental to the success of higher-quality products. We empirically investigate the implications of such situations, referred to as “market of lemons”. We analyze a quasi-natural experiment- an exogenous media shock that occurred on Kickstarter.com. The shock was followed by a sharp increase in the number of campaigns, particularly low-quality ones. These unique conditions enable us to estimate how crowdfunding platforms are affected by the presence of an atypically large number of low quality campaigns, while controlling for temporal trends and seasonal effects. We use two novel identification strategies to show that market of lemons decreases the revenue of successful campaigns. However, campaign quality moderates this effect, such that the performance of the highest-quality campaigns is unaffected.

Research Notes: The most prestigious gathering of information systems academics and research-oriented practitioners in the world

URL: https://aisel.aisnet.org/icis2017/Peer-to-Peer/Presentations/3/

http://archives.aisconferences.org/icis2017/wp-content/uploads/2017/12/ICIS2017_ProgramBook_1209.pdf

 

 

Author: Geva, Tomer, Saar-Tsechansky, Maytal and Lustiger, Harel

Year: 2019

Title: More for less: adaptive labeling payments in online labor markets

Journal: Data Mining and Knowledge Discovery

Volume: 33

Issue: 6

Pages: 1625-1673

Start Page: 1625

Date: 2019/11/01

ISSN: 1573-756X

DOI: 10.1007/s10618-019-00637-z

Abstract: In many predictive tasks where human intelligence is needed to label training instances, online crowdsourcing markets have emerged as promising platforms for large-scale, cost-effective labeling. However, these platforms also introduce significant challenges that must be addressed in order for these opportunities to materialize. In particular, it has been shown that different trade-offs between payment offered to labelers and the quality of labeling arise at different times, possibly as a result of different market conditions and even the nature of the tasks themselves. Because the underlying mechanism giving rise to different trade-offs is not well understood, for any given labeling task and at any given time, it is not known which labeling payments to offer in the market so as to produce accurate models cost-effectively. Importantly, because in these markets the acquired labels are not always correct, determining the expected effect of labels acquired at any given payment on the improvement in model performance is particularly challenging. Effective and robust methods for dealing with these challenges are essential to enable a growing reliance on these promising and increasingly popular labor markets for large-scale labeling. In this paper, we first present this new problem of Adaptive Labeling Payment (ALP): how to learn and sequentially adapt the payment offered to crowd labelers before they undertake a labeling task, so as to produce a given predictive performance cost-effectively. We then develop an ALP approach and discuss the key challenges it aims to address so as to yield consistently good performance. We evaluate our approach extensively over a wide variety of market conditions. Our results demonstrate that the ALP method we propose yields significant cost savings and robust performance across different settings. As such, our ALP approach can be used as a benchmark for future mechanisms to determine cost-effective selection of labeling payments.

URL: https://doi.org/10.1007/s10618-019-00637-z

 

 

Author: Grossman, Shelly , Abraham, Ittai , Golan-Gueta, Guy , Michalevsky, Yan , Rinetzky, Noam, Sagiv, Mooly and Zohar, Yoni

Year of Conference: 2017

Title: Online detection of effectively callback free objects with applications to smart contracts

Conference Name: Symposium on Principles of Programming Languages

Publisher: Proc. ACM Program. Lang.

Volume: 2

Issue: POPL

Pages: 1-28

Series Title: Proceedings of the ACM on Programming Languages

ISBN: 2475-1421

DOI: 10.1145/3158136

Abstract: Callbacks are essential in many programming environments, but drastically complicate program understanding and reasoning because they allow to mutate object's local states by external objects in unexpected fashions, thus breaking modularity. The famous DAO bug in the cryptocurrency framework Ethereum, employed callbacks to steal $150M. We define the notion of Effectively Callback Free (ECF) objects in order to allow callbacks without preventing modular reasoning.

An object is ECF in a given execution trace if there exists an equivalent execution trace without callbacks to this object. An object is ECF if it is ECF in every possible execution trace. We study the decidability of dynamically checking ECF in a given execution trace and statically checking if an object is ECF. We also show that dynamically checking ECF in Ethereum is feasible and can be done online. By running the history of all execution traces in Ethereum, we were able to verify that virtually all existing contract executions, excluding these of the DAO or of contracts with similar known vulnerabilities, are ECF. Finally, we show that ECF, whether it is verified dynamically or statically, enables modular reasoning about objects with encapsulated state.

URL: https://dl.acm.org/citation.cfm?doid=3177123.3158136

https://popl18.sigplan.org/event/popl-2018-papers-online-detection-of-effectively-callback-free-objects-with-applications-to-smart-contracts

 

 

Author: Hadar, Irit, Hasson, Tomer, Ayalon, Oshrat, Toch, Eran, Birnhack, Michael, Sherman, Sofia and Balissa, Arod

Year: 2018

Title: Privacy by designers: software developers’ privacy mindset

Journal: Empirical Software Engineering

Volume: 23

Issue: 1

Pages: 259-289

Start Page: 259

Date: 2018/02/01

ISSN: 1573-7616

DOI: 10.1007/s10664-017-9517-1

Abstract: Privacy by design (PbD) is a policy measure that guides software developers to apply inherent solutions to achieve better privacy protection. For PbD to be a viable option, it is important to understand developers’ perceptions, interpretation and practices as to informational privacy (or data protection). To this end, we conducted in-depth interviews with 27 developers from different domains, who practice software design. Grounded analysis of the data revealed an interplay between several different forces affecting the way in which developers handle privacy concerns. Borrowing the schema of Social Cognitive Theory (SCT), we classified and analyzed the cognitive, organizational and behavioral factors that play a role in developers’ privacy decision making. Our findings indicate that developers use the vocabulary of data security to approach privacy challenges, and that this vocabulary limits their perceptions of privacy mainly to third-party threats coming from outside of the organization; that organizational privacy climate is a powerful means for organizations to guide developers toward particular practices of privacy; and that software architectural patterns frame privacy solutions that are used throughout the development process, possibly explaining developers’ preference of policy-based solutions to architectural solutions. Further, we show, through the use of the SCT schema for framing the findings of this study, how a theoretical model of the factors that influence developers’ privacy practices can be conceptualized and used as a guide for future research toward effective implementation of PbD.

URL: https://doi.org/10.1007/s10664-017-9517-1

 

 

Author: Harel, Yaniv, Gal, Irad Ben and Elovici, Yuval

Year: 2017

Title: Cyber Security and the Role of Intelligent Systems in Addressing its Challenges

Journal: ACM Transactions on Intelligent Systems and Technology (TIST)

Volume: 8

Issue: 4

Pages: 1-12

Start Page: 1

Alternate Journal: Special Issue: Cyber Security and Regular Papers

ISSN: 2157-6904

DOI: 10.1145/3057729

Legal Note: 3057729

URL: https://dl.acm.org/citation.cfm?id=3057729

 

 

Editor: Hatuka, Tali

Year: 2018

Title: העיר בעידן הדיגיטלי - תכנון, טכנולוגיה, פרטיות ואי־שוויון

Publisher: אוני' תל אביב

DOI: http://bit.ly/2TJYeUE

Research Notes: מדריך מקיף שממפה, מבהיר ולבסוף מבקר את הזירה של 'הערים חכמות' בישראל. המדריך מבקש לבנות בסיס ידע, נגיש ופשוט בנושא למקבלי ההחלטות. מן המדריך עולות סוגיות רגישות בנוגע לתהליך קבלת ההחלטות, שימוש בתקציבים וחוסר סדר ארגוני ביישום וההטמעה של הדיגיטציה. המדריך שנכתב בעברית הופץ באופן דיגיטלי, נחשף ביום עיון ועותקים מודפסים נשלחים בימים אלו לראשי רשויות ושרים בממשלה.

URL: http://lcud.tau.ac.il/wp-content/uploads/2018/11/%D7%94%D7%A2%D7%99%D7%A8-%D7%91%D7%A2%D7%99%D7%93%D7%9F-%D7%94%D7%93%D7%99%D7%92%D7%99%D7%98%D7%9C%D7%99-%D7%AA%D7%9B%D7%A0%D7%95%D7%9F-%D7%98%D7%9B%D7%A0%D7%95%D7%9C%D7%95%D7%92%D7%99%D7%94-%D7%A4%D7%A8%D7%98%D7%99%D7%95%D7%AA-%D7%95%D7%90%D7%99-%D7%A9%D7%95%D7%95%D7%99%D7%95%D7%9F.pdf

 

 

Author: Hatuka, Tali, Rosen-Zvi, Issachar, Birnhack, Michael, Toch, Eran and Zur, Hadas

Year: 2018

Title: The Political Premises of Contemporary Urban Concepts: The Global City, the Sustainable City, the Resilient City, the Creative City, and the Smart City

Journal: Planning Theory & Practice

Volume: 19

Issue: 2

Pages: 160-179

Date: 2018/03/15

ISSN: 1464-9357

DOI: 10.1080/14649357.2018.1455216

Abstract: Numerous studies have focused on the global city, the sustainable city, the resilient city, the creative city, and the smart city, analyzing their politics, ideologies, and social implications. However, the literature lacks synthetic analysis that addresses these concepts by juxtaposing them and exploring their similarities and differences. This paper provides synthetic analysis, followed by a discussion of the concepts? competing and complementary logics of governance and citizenship. The concluding section addresses the importance of taking into account these diverse concepts as political ideas and discusses how these concepts become a prescriptive mix promoted by public officials and private developers.

URL: https://doi.org/10.1080/14649357.2018.1455216

 

 

Author: Hatuka, Tali and Zur, Hadas

Year: 2019

Title: Who is the ‘smart’ resident in the digital age? The varied profiles of users and non-users in the contemporary city

Journal: Urban Studies

Volume: 0

Issue: 0

Pages: 0042098019835690

Start Page: 004209801983569

ISSN: 0042-0980

1360-063X

DOI: 10.1177/0042098019835690

Keywords: digital age,neighbourhoods,networks,technology,smart resident,smart cities

Abstract: This paper is centred on the levels of participation in digital municipal platforms, and its goals are threefold: (1) to assess the normative aspirations and limitations of policy makers and key actors in the municipality with regard to the smart resident idea, with a focus on participation and privacy; (2) to assess and categorise levels of participation in varied social and geographic contexts in the city; and (3) to assess the possible link between participation and privacy practices among users. Empirically, this paper studies the practices of the inhabitants of Tel Aviv-Yafo City, with a focus on the use of digitised services provided by the municipality and the use of the celebrated project ‘Digi-Tel’ – a digital card that offers to the inhabitants of the city services, discounts, targeted information and benefits around the city. The assessment of the inhabitants’ practices is based on a survey that was conducted in four neighbourhoods with different socio-economic, ethnic and geographical characteristics. The survey is supplemented with interviews of prominent figures in the Tel Aviv-Yafo municipality to understand their views on participation and privacy. The paper concludes with a discussion of the varied profiles of the users and non-users of digital platforms in the city, revealing their complex approach to participation in the digital age.

URL: https://journals.sagepub.com/doi/abs/10.1177/0042098019835690

 

 

Author: Hirschprung, Ron, Toch, Eran, Schwartz-Chassidim, Hadas, Mendel, Tamir and Maimon, Oded

Year: 2017

Title: Analyzing and Optimizing Access Control Choice Architectures in Online Social Networks

Journal: ACM Transactions on Intelligent Systems and Technology (TIST)

Volume: 8

Issue: 4

Pages: 1-22

Start Page: 1

ISSN: 2157-6904

DOI: 10.1145/3046676

Legal Note: 3046676

URL: https://doi.org/10.1145/3046676

 

 

Author: Horn, David

Year: 2018

Title: Field Formulation of Parzen Data Analysis

Journal: arXiv preprint arXiv:1808.08776

Date: August

URL: https://arxiv.org/abs/1808.08776

 

 

Author: Hui, Kai-Lung, Kim, Seung Hyun and Wang, Qiu-Hong

Year: 2017

Title: Cybercrime deterrence and international legislation: evidence from distributed denial of service attacks

Journal: Management Information Systems Quarterly

Volume: 41

Issue: 2

Pages: 497–523

Start Page: 497

ISSN: 0276-7783

DOI: 10.25300/misq/2017/41.2.08

Keywords: convention on cybercrime, distributed denial of service attack, deterrence, legislation, law enforcement, cybercrime

Abstract: In this paper, we estimate the impact of enforcing the Convention on Cybercrime (COC) on deterring distributed denial of service (DDOS) attacks. Our data set comprises a sample of real, random spoof-source DDOS attacks recorded in 106 countries in 177 days in the period 2004-2008. We find that enforcing the COC decreases DDOS attacks by at least 11.8 percent, but a similar deterrence effect does not exist if the enforcing countries make a reservation on international cooperation. We also find evidence of network and displacement effects in COC enforcement. Our findings imply attackers in cyberspace are rational, motivated by economic incentives, and strategic in choosing attack targets. We draw related implications.

Research Notes: 858

URL: https://doi.org/10.25300/MISQ/2017/41.2.08

 

 

Author: Jarovsky, Ariel, Milo, Tova, Novgorodov, Slava and Tan, Wang-Chiew

Year of Conference: 2018

Title: Rule sharing for fraud detection via adaptation

Conference Name: 2018 IEEE 34th International Conference on Data Engineering (ICDE)

Publisher: IEEE

Pages: 125-136

ISBN: 1538655209

URL: https://ieeexplore.ieee.org/abstract/document/8509242/

 

 

Author: Jarovsky, Ariel, Milo, Tova, Novgorodov, Slava and Tan, Wang-Chiew

Year: 2018

Title: GOLDRUSH: rule sharing system for fraud detection

Journal: Proceedings of the Very Large Database Endowment

Volume: 11

Issue: 12

Pages: 1998-2001

Start Page: 1998

ISSN: 2150-8097

DOI: 10.14778/3229863.3236244

Legal Note: 3275581

Abstract: Fraud detection rules, written by domain experts, are often employed by financial companies to enhance their machine learning-based mechanisms for accurate detection of fraudulent transactions. Accurate rule writing is a challenging task where domain experts spend significant effort and time. A key observation is that much of this difficulty originates from the fact that experts typically work as "lone rangers" or in isolated groups to define the rules, or work on detecting frauds in one context in isolation from frauds that occur in another context. However, in practice there is a lot of commonality in what different experts are trying to achieve.

 

In this demo, we present the GOLDRUSH system, which facilitates knowledge sharing via effective adaptation of fraud detection rules from one context to another. GOLDRUSH abstracts the possible semantic interpretations of each of the conditions in the rules in one context and adapts them to the target context. Efficient algorithms are used to identify the most effective rule adaptations w.r.t a given cost-benefit metric. We showcase GOLDRUSH through a reenactment of a real-life fraud detection event. Our demonstration will engage the VLDB'18 audience, allowing them to play the role of experts collaborating in the fight against financial frauds.

URL: https://doi.org/10.14778/3229863.3236244

 

 

Author: Katz, Omer, Rinetzky, Noam and Yahav, Eran

Year of Conference: 2018

Title: Statistical Reconstruction of Class Hierarchies in Binaries

Conference Name: ASPLOS '18 ACM International Conference on Architectural Support for Programming Languages and Operating Systems

Conference Location: Williamsburg, VA, USA

Publisher: ACM

Pages: 363-376

Date: March 24th - 28th

Sponsor: ACM SIGPLAN, ACM SIGACT and ACM SIGLOG.

ISBN: 9781450349116

Proceedings Title: Proceedings of the 23rd ACM International Conference on Architectural Support for Programming Languages and Operating Systems

URL: https://www.asplos2018.org/

 

 

Author: Katz, Omer, Rinetzky, Noam and Yahav, Eran

Year: 2018

Title: Statistical Reconstruction of Class Hierarchies in Binaries

Journal: ACM SIGPLAN Notices

Volume: 53

Issue: 2

Pages: 363–376

Start Page: 363

ISSN: 0362-1340

DOI: 10.1145/3296957.3173202

Keywords: reverse engineering, x86, class hierarchies, static binary analysis

Abstract: We address a fundamental problem in reverse engineering of object-oriented code: the reconstruction of a program's class hierarchy from its stripped binary. Existing approaches rely heavily on structural information that is not always available, e.g., calls to parent constructors. As a result, these approaches often leave gaps in the hierarchies they construct, or fail to construct them altogether. Our main insight is that behavioral information can be used to infer subclass/superclass relations, supplementing any missing structural information. Thus, we propose the first statistical approach for static reconstruction of class hierarchies based on behavioral similarity. We capture the behavior of each type using a statistical language model (SLM), define a metric for pairwise similarity between types based on the Kullback-Leibler divergence between their SLMs, and lift it to determine the most likely class hierarchy. We implemented our approach in a tool called ROCK and used it to automatically reconstruct the class hierarchies of several real-world stripped C++ binaries. Our results demonstrate that ROCK obtained significantly more accurate class hierarchies than those obtained using structural analysis alone.

URL: https://doi.org/10.1145/3296957.3173202

 

 

Author: Khyzha, Artem, Attiya, Hagit, Gotsman, Alexey and Rinetzky, Noam

Year of Conference: 2018

Title: Safe privatization in transactional memory

Conference Name: PPoPP '18 Principles and Practice of Parallel Programming Principles and Practice of Parallel Programming 2018:  23nd ACM SIGPLAN Symposium on Principles and Practice of Parallel Programming

Conference Location: Vienna, Austria

Volume: 53

Issue: 1

Pages: 233-245

Series Editor: Machinery, Association for Computing

Date: February 24 - 28, 2018

Sponsor: SIGPLAN, SIGHPC

ISBN: 145034982X

978-1-4503-4982-6

Place Published: New York NY United States

Proceedings Title: Proceedings of the 23rd ACM SIGPLAN Symposium on Principles and Practice of Parallel Programming

Abstract: Transactional memory (TM) facilitates the development of concurrent applications by letting the programmer designate certain code blocks as atomic. Programmers using a TM often would like to access the same data both inside and outside transactions, e.g., to improve performance or to support legacy code. In this case, programmers would ideally like the TM to guarantee strong atomicity, where transactions can be viewed as executing atomically also with respect to non-transactional accesses. Since guaranteeing strong atomicity for arbitrary programs is prohibitively expensive, researchers have suggested guaranteeing it only for certain data-race free (DRF) programs, particularly those that follow the privatization idiom: from some point on, threads agree that a given object can be accessed non-transactionally. Supporting privatization safely in a TM is nontrivial, because this often requires correctly inserting transactional fences, which wait until all active transactions complete.

 

Unfortunately, there is currently no consensus on a single definition of transactional DRF, in particular, because no existing notion of DRF takes into account transactional fences. In this paper we propose such a notion and prove that, if a TM satisfies a certain condition generalizing opacity and a program using it is DRF assuming strong atomicity, then the program indeed has strongly atomic semantics. We show that our DRF notion allows the programmer to use privatization idioms. We also propose a method for proving our generalization of opacity and apply it to the TL2 TM.

URL: https://dl.acm.org/citation.cfm?id=3178505

https://arxiv.org/abs/1801.04249

 

 

 

Author: Kleinmann, Amit and Wool, Avishai

Year of Conference: 2015

Title: A statechart-based anomaly detection model for multi-threaded SCADA systems

Conference Name: International Conference on Critical Information Infrastructures Security

Publisher: Springer

Pages: 132-144

URL: https://link.springer.com/chapter/10.1007/978-3-319-33331-1_11

 

 

Author: Kleinmann, Amit and Wool, Avishai

Year of Conference: 2017

Title: Automatic Construction of Statechart-Based Anomaly Detection Models for Multi-Threaded Industrial Control Systems

Conference Name: ACM Transactions on Intelligent Systems and Technology (TIST)

Volume: 8

Issue: 4

Pages: 1-21

ISBN: 2157-6904

DOI: 10.1145/3011018

Place Published: 3011018

Proceedings Title: Proceedings of the 2nd ACM Workshop on Cyber-Physical Systems Security and Privacy

URL: https://dl.acm.org/citation.cfm?id=3011018

 

 

Author: Levin, Avner

Year: 2018

Title: Privacy by Design by Regulation: The Case Study of Ontario

Journal: Canadian Journal of Comparative and Contemporary Law

Volume: 4

Pages: 115

URL: http://www.cjccl.ca/wp-content/uploads/2018/08/Levin-Privacy-by-Design-by-Regulation.pdf

 

 

Author: Levy, Dor and Wolf, Lior

Year: 2017

Title: Learning to Align the Source Code to the Compiled Object Code

Editor: Doina, Precup and Yee Whye, Teh

Conference Name: Proceedings of the 34th International Conference on Machine Learning

Conference Location: Proceedings of Machine Learning Research

Publisher: PMLR

Volume: 70

Pages: 2043--2051

Label: pmlr-v70-levy17a

Abstract: We propose a new neural network architecture and use it for the task of statement-by-statement alignment of source code and its compiled object code. Our architecture learns the alignment between the two sequences – one being the translation of the other – by mapping each statement to a context-dependent representation vector and aligning such vectors using a grid of the two sequence domains. Our experiments include short C functions, both artificial and human-written, and show that our neural network architecture is able to predict the alignment with high accuracy, outperforming known baselines. We also demonstrate that our model is general and can learn to solve graph problems such as the Traveling Salesman Problem.

URL: http://proceedings.mlr.press

 

 

Author: Lupovici, Amir

Year: 2014

Title: The Attribution Problem and the Social Construction of Violence: Taking Cyber Deterrence Literature a Step Forward

Journal: International Studies Perspectives

Volume: 17

Issue: 3

Pages: 322–342

ISSN: 15283577

DOI: https://doi.org/10.1111/insp.12082

URL: https://academic.oup.com/isp/article/17/3/322/2684522  

 

 

Author: Lupovici, Amir

Year: 2019

Title: Toward a Securitization Theory of Deterrence

Journal: International Studies Quarterly

Volume: 63

Issue: 1

Pages: 177-186

Start Page: 177

Epub Date: December 2018

Date: March

ISSN: 0020-8833

DOI: https://doi.org/10.1093/isq/sqy045

Abstract: This note incorporates securitization scholarship into the study of deterrence. I argue that deterrence is a securitizing move, and it is embedded in and affected by a broader assemblage of securitizing moves performed by different actors. These include the deterrer, the putative challenger, and various third parties. Linking deterrence theory and securitization theory opens up promising directions for theory and research. Among other things, it provides a way for interpretative scholars to engage with debates within traditional deterrence scholarship—such as those regarding deterrence success, deterrence credibility, and the effects of the use of force on these dynamics. It also highlights often-overlooked issues in the study of deterrence. These include processes through which actors come to adopt this strategy. It also includes processes through which the threat to deterrence itself becomes a powerful political tool for mobilizing support to different strategic moves.

URL: https://doi.org/10.1093/isq/sqy045

 

 

Author: Maltinsky, Alex, Giladi, Ran and Shavitt, Yuval

Year: 2017

Title: On Network Neutrality Measurements

Journal: ACM Transactions on Intelligent Systems and Technology (TIST)

Volume: 8

Issue: 4

Pages: 1-22

Start Page: 1

Alternate Journal: Special Issue: Cyber Security and Regular Papers

ISSN: 2157-6904

DOI: 10.1145/3040966

Legal Note: 3040966

URL: https://dl.acm.org/citation.cfm?id=3040966

 

 

Author: Mendel, Tamir

Year: 2019

Title: Social help: developing methods to support older adults in mobile privacy and security

Conference Name: Adjunct Proceedings of the 2019 ACM International Joint Conference on Pervasive and Ubiquitous Computing and Proceedings of the 2019 ACM International Symposium on Wearable Computers

Conference Location: London, United Kingdom

Publisher: Association for Computing Machinery

Pages: 383–387

DOI: 10.1145/3341162.3349311

Keywords: help, mobile computing, older adults, assistance, security and privacy, smartphones, support

URL: https://doi.org/10.1145/3341162.3349311

 

 

Author: Mendel, Tamir and Toch, Eran

Year: 2019

Title: My Mom was Getting this Popup: Understanding Motivations and Processes in Helping Older Relatives with Mobile Security and Privacy

Journal: Proc. ACM Interact. Mob. Wearable Ubiquitous Technol.

Volume: 3

Issue: 4

Pages: Article 147

Start Page: 1

ISSN: 2474-9567

2474-9567

DOI: 10.1145/3369821

Keywords: Assistance, Security and privacy, Smartphones, Older adults, Support, Mobile computing, Help

Abstract: Security and privacy pose a serious barrier to the use of mobile technology by older adults. While support from family and friends is known to be an effective enabler in older adults' technology adoption, we know very little about the family members' motivations for providing help, the context, and the process in which they provide it. To bridge this gap, we have conducted a mixed method study, qualitatively analyzing the helpers' assistance stories and quantitatively estimating the factors that affect helpers' willingness to offer assistance to older relatives regarding mobile security and privacy problems. Our findings point to the potential for helping older relatives, i.e., people are more willing to help and guide them than other social groups. Furthermore, we show that familiarity with an older relative's preferences is essential in providing meaningful support. We discuss our findings in the context of developing a theory of collective efficacy for security and privacy and new collaborative technologies that can reduce the barriers to social help.

URL: https://doi.org/10.1145/3369821

 

 

Author: Meyer, Joachim

Year: 2017

Title: Evaluating alerting systems from descriptions

Journal: Proceedings of the Human Factors and Ergonomics Society Annual Meeting

Volume: 61

Issue: 1

Pages: 307-307

Start Page: 307

ISSN: 1541-9312

DOI: 10.1177/1541931213601557

Abstract: Decisions in almost all domains of life receive support from automation in the form of alerts, binary cues, recommendations, etc. People often use automation or decision aids without having experience with the system, because the system may be new or because they rarely use it. When such experience is unavailable, people will base their use of the system on information they may have received about it and on descriptions, often given as probabilities or proportions. Examples are the sensitivity and specificity of a diagnostic procedure in medicine or the True Positive and False Positive rates of a detector. People use these descriptions to decide to what extent they can rely on the information. So far, it is unclear which aspects of the information about a system determine people’s evaluation of the system from a description. These evaluations will determine the trust they put in the indications from the system and the adjustment of system properties, such as thresholds. To gain some insights into this issue, we conducted an experiment. We developed descriptions of 12 systems in a quality control setting, in which participants had to detect faulty items in a production process. We used Signal Detection Theory (Green & Swets, 1966) to determine the system properties. The systems differed in d’ (1.5 or 2.5), the threshold setting lnβ (-1, 0 or 1) and the prior probability for a signal pS (.05 or .2). Half of the participants saw diagnostic values, receiving descriptions in terms of the probabilities of Hit and False Alarms, while the other half saw descriptions as predictive values, receiving the Positive Predictive Value (PPV) and the Negative Predictive Value (NPV) of each system. In the past, we have shown that people adjust system thresholds better when they see predictive values (Botzer, Meyer, Bak, & Parmet, 2010). Fifty-six students evaluated the systems in a classroom setting on a scale between 0 (completely useless) and 10 (perfect). In addition to the d’ and lnβ, which we specified when we designed the systems, we also computed for each system the Probability of Correct Indication (pCorrect), the Expected Value (given the costs and benefits in the description), and the transmitted information according to Information Theory. We analyzed the results with multivariate analyses of variance and by computing the correlations between the evaluations and system properties. The results showed that participants’ responses were mainly correlated with d’. The effects of the threshold setting lnβ and of pS were small, compared to the effects of d’. The correlations with the Expected Value and the transmitted information were smaller and could be explained through d’. Thus, people evaluated a system in terms of its ability to differentiate between signal and noise. They did not evaluate the system according to the economic value it provided or the transmitted information. In addition, participants evaluated systems with different thresholds (lnβ) similarly. This means that in our experiment participants did not differentiate between more and less appropriate threshold settings. The ability to identify better or worse settings is important, because these settings are often the main system parameter users can adjust. These findings, in addition to the inherent problems that already exist in user adjustments of systems (Meyer & Sheridan, 2017), make it unlikely that people can adjust system settings correctly.

URL: http://journals.sagepub.com/doi/abs/10.1177/1541931213601557

 

 

Author: Milo, Tova, Novgorodov, Slava and Tan, Wang-Chiew

Year: 2016

Title: Rudolf: interactive rule refinement system for fraud detection

Journal: Proceedings of the  Very Large Database Endowment

Volume: 9

Issue: 13

Pages: 1465-1468

Start Page: 1465

ISSN: 2150-8097

DOI: 10.14778/3007263.3007285

Legal Note: 3007285

URL: http://www.vldb.org/pvldb/vol9/p1465-milo.pdf

 

 

Author: Mukherjee, Suvam, Padon, Oded, Shoham, Sharon, D’Souza, Deepak and Rinetzky, Noam

Year of Conference: 2017

Title: Thread-local semantics and its efficient sequential abstractions for race-free programs

Conference Name: 24th International Symposium on Static Analysis

Publisher: Springer

Pages: 253-276

DOI: http://dx.doi.org/10.1007/978-3-319-66706-5_13

Notes: Lecture Notes in Computer Science book series (LNCS, volume 10422)

Programming and Software Engineering book sub series (LNPSE, volume 10422)

URL: https://www.cs.tau.ac.il/~maon/pubs/2017-sas.pdf

https://link.springer.com/chapter/10.1007/978-3-319-66706-5_13

 

 

 

Author: Naor, Moni, Pinkas, Benny and Ronen, Eyal

Year of Conference: 2019

Title: How to (not) Share a Password: Privacy Preserving Protocols for Finding Heavy Hitters with Adversarial Behavior

Conference Name: 2019 ACM SIGSAC Conference on Computer and Communications Security

Conference Location: London, United Kingdom

Publisher: Association for Computing Machinery

Pages: 1369–1386

Series Title: Lecture Notes in Computer Science book series (LNCS, volume 10821)

Date: November

Sponsor: SIGSAC

ISBN: 978-1-4503-6747-9

DOI: 10.1145/3319535.3363204

Proceedings Title: Proceedings of the

Keywords: passwords, heavy hitters, secure computation, differential privacy, malicious model

Abstract: Bad choices of passwords were and are a pervasive problem. Users choosing weak passwords do not only compromise themselves, but the whole ecosystem. E.g, common and default passwords in IoT devices were exploited by hackers to create botnets and mount severe attacks on large Internet services, such as the Mirai botnet DDoS attack. We present a method to help protect the Internet from such large scale attacks. Our method enables a server to identify popular passwords (heavy hitters), and publish a list of over-popular passwords that must be avoided. This filter ensures that no single password can be used to compromise a large percentage of the users. The list is dynamic and can be changed as new users are added or when current users change their passwords. We apply maliciously secure two-party computation and differential privacy to protect the users' password privacy. Our solution does not require extra hardware or cost, and is transparent to the user. Our private heavy hitters construction is secure even against a malicious coalition of devices which tries to manipulate the protocol to hide the popularity of some password that the attacker is exploiting. It also ensures differential privacy under continual observation of the blacklist as it changes over time. As a reality check we conducted three tests: computed the guarantees that the system provides wrt a few publicly available databases, ran full simulations on those databases, and implemented and analyzed a proof-of-concept on an IoT device. Our construction can also be used in other settings to privately learn heavy hitters in the presence of an active malicious adversary. E.g., learning the most popular sites accessed by the Tor network.

URL: https://doi.org/10.1145/3319535.3363204

 

 

Author: Pundak, Chen, Steinhart, Yael and Goldenberg, Jacob

Year: 2018

Title: The Viciousness and Caring of Sharing: Morality and Motivations of Online Shamers

Journal: ACR European Advances

URL: http://www.acrwebsite.org/volumes/v11e/eacr_v11_1700220.pdf

 

 

 

Author: Raban, Yoel and Hauptman, Aharon

Year: 2018

Title: Foresight of cyber security threat drivers and affecting technologies

Journal: Foresight

Volume: 20

Issue: 4

Pages: 353-363

Start Page: 353

ISSN: 1463-6689

DOI: 10.1108/FS-02-2018-0020

Abstract: Purpose The cyber security industry emerged rapidly in recent years due to mounting cyber threats and increasing cyber hacking activities. Research on emerging technologies emphasizes the risks and sometimes neglects to address the potential positive contribution to cyber security. The purpose of this study is to conduct a relatively balanced long-term foresight study to elicit major significant threat drivers and to identify emerging technologies that are likely to have a significant impact on defense and attack capabilities in cyber security. Design/methodology/approach The main instruments used in this study were horizon scanning and an online survey among subject-matter experts that assessed emerging threats and the potential impact of several emerging technologies on cyber defense capabilities and cyber attack capabilities. Findings An expert survey shows that cyber resilience, homomorphic encryption and blockchain may be considered as technologies contributing mainly to defense capabilities. On the other hand, Internet of Things, biohacking and human machine interface (HMI) and autonomous technologies add mainly to attack capabilities. In the middle, we find autonomous technologies, quantum computing and artificial intelligence that contribute to defense, as well as to attack capabilities, with roughly similar impact on both. Originality/value This study adds to the current research a balanced long-term view and experts? assessment of negative and positive impacts of emerging technologies, including their time to maturity and consensus levels. Two new Likert scale measures were applied to measure the potential impact of emerging technologies on cyber security, thus enabling the classification of the results into four groups (net positive, net negative, positive-positive and negative-negative).

URL: https://doi.org/10.1108/FS-02-2018-0020

 

 

Author: Rochman, Yuval, Levy, Hanoch and Brosh, Eli

Year: 2014

Title: Efficient resource placement in cloud computing and network applications

Journal: ACM SIGMETRICS Performance Evaluation Review

Volume: 42

Issue: 2

Pages: 49-51

Start Page: 49

ISSN: 0163-5999

DOI: https://doi.org/10.1145/2667522.2667538

URL: https://doi.org/10.1145/2667522.2667538

 

 

Author: Rochman, Yuval, Levy, Hanoch and Brosh, Eli

Year: 2017

Title: Dynamic placement of resources in cloud computing and network applications

Journal: Performance Evaluation

Volume: 115

Pages: 1-37

Start Page: 1

Date: 2017/10/01/

ISSN: 0166-5316

DOI: https://doi.org/10.1016/j.peva.2017.06.003

Keywords: Resource-placement

Stochastic

Distributed-cloud

Graph algorithms

Abstract: We address the problem of dynamic resource placement in general networking and cloud computing applications. We consider a large-scale system faced by time varying and regionally distributed demands for various resources. The system operator aims at placing the resources across regions to maximize revenues, and thus needs to address the problem of how to dynamically reposition the resources in reaction to the time varying demand. The challenge posed by this setting is to deal with arbitrary multi-dimensional stochastic demands which vary over time. Under such settings one should provide a tradeoff between optimizing the resource placement as to meet its demand, and minimizing the number of added and removed resources to the placement. Our analysis and simulations reveal that optimizing the resource placement may inflict huge resource repositioning costs, even if the demand has small fluctuations. We therefore propose an algorithmic framework that overcomes this difficulty and yields very efficient dynamic placements with bounded repositioning costs. Our solution is developed under a very wide cost model, and thus allows accommodation of many systems. Our solutions are based on new analytic techniques utilizing graph theory methodologies that can be applied to other optimization/combinatorial problems.

URL: http://www.sciencedirect.com/science/article/pii/S0166531616302188

 

 

Title: Computer science for non-technological cyber programs

Conference Name: FIE 2014 IEEE Frontiers in Education Conference: Opening Innovations and Internationalization in Engineering Education

Conference Location: Madrid, Spain, Melia Castilla Hotel & Convention Center

Publisher: IEEE

Pages: 1-8

Date: October 22-25

Notes: 2014 IEEE Frontiers in Education Conference :

Research Notes: 873

URL: http://ieeexplore.ieee.org/servlet/opac?punumber=7017968

 

 

Author: Schuster, Roei, Shmatikov, Vitaly and Tromer, Eran

Year of Conference: 2017

Title: Beauty and the burst: Remote identification of encrypted video streams

Conference Name: USENIX Security

URL: https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-schuster.pdf

 

 

Author: Shapira, Tal and Shavitt, Yuval

Year of Conference: 2019

Title: FlowPic: Encrypted Internet Traffic Classification is as Easy as Image Recognition

Conference Name: IEEE INFOCOM 2019-IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)

Publisher: IEEE

Pages: 680-687

ISBN: 1728118786

 

 

Author: Shome, Rahul, Solovey, Kiril, Dobson, Andrew, Halperin, Dan and Bekris, Kostas E.

Year: 2019

Title: dRRT*: Scalable and Informed Asymptotically-Optimal Multi-Robot Motion Planning

Conference Name: CoRR European conference on Computational Geometry

Volume: abs/1903.00994

Date: /

URL: http://arxiv.org/abs/1903.00994

 

 

Author: Shome, Rahul, Solovey, Kiril, Dobson, Andrew, Halperin, Dan and Bekris, Kostas E.

Year: 2019

Title: dRRT*: Scalable and informed asymptotically-optimal multi-robot motion planning

Journal: Autonomous Robots

Volume: 44

Issue: Special Issue on Multi-Robot and Multi-Agent Systems

Pages: 443-467

Start Page: 443

Date: 2019/01/24

ISSN: 1573-7527

DOI: 10.1007/s10514-019-09832-9

Abstract: Many exciting robotic applications require multiple robots with many degrees of freedom, such as manipulators, to coordinate their motion in a shared workspace. Discovering high-quality paths in such scenarios can be achieved, in principle, by exploring the composite space of all robots. Sampling-based planners do so by building a roadmap or a tree data structure in the corresponding configuration space and can achieve asymptotic optimality. The hardness of motion planning, however, renders the explicit construction of such structures in the composite space of multiple robots impractical. This work proposes a scalable solution for such coupled multi-robot problems, which provides desirable path-quality guarantees and is also computationally efficient. In particular, the proposed $$\mathtt{dRRT^*}$$dRRT∗is an informed, asymptotically-optimal extension of a prior sampling-based multi-robot motion planner, $$\mathtt{dRRT}$$dRRT. The prior approach introduced the idea of building roadmaps for each robot and implicitly searching the tensor product of these structures in the composite space. This work identifies the conditions for convergence to optimal paths in multi-robot problems, which the prior method was not achieving. Building on this analysis, $$\mathtt{dRRT}$$dRRTis first properly adapted so as to achieve the theoretical guarantees and then further extended so as to make use of effective heuristics when searching the composite space of all robots. The case where the various robots share some degrees of freedom is also studied. Evaluation in simulation indicates that the new algorithm, $$\mathtt{dRRT^*}$$dRRT∗  converges to high-quality paths quickly and scales to a higher number of robots where various alternatives fail. This work also demonstrates the planner’s capability to solve problems involving multiple real-world robotic arms.

URL: https://doi.org/10.1007/s10514-019-09832-9

 

 

 

Author: Silverman, Gahl and Sommer, Udi

Year: 2019

Title: Prevalent Sentiments of the Concept of Jihad in the Public Commentsphere

Journal: Studies in Conflict & Terrorism

Pages: 1-29

Start Page: 1

ISSN: 1057-610X

DOI: 10.1080/1057610X.2019.1686854

Abstract: Certain studies of social conflicts and geopolitical processes through online social networks entail qualitative analysis. One such issue is the tension between Western and Muslim societies. We introduce computer-assisted qualitative sentiment analysis for the inquiry and extraction of varied sentiments. The analysis explores the prevalent meanings of the term jihad through discussions of Muslims and non-Muslims in the online public sphere. After examining 4,630 Facebook comments and replies, our examination leads to a holistic mapping that details peaceful, moderate, and radical opinions regarding jihad, which is an integral institution of the Muslim world. Through this method, we suggest a Muslim/non-Muslim tension indicator, which can be used in a range of political analyses.

URL: https://doi.org/10.1080/1057610X.2019.1686854

 

 

Author: Sternberg, Nurit, Luria, Roy, Chandhok, Susannah, Vickers, Brian, Kross, Ethan and Sheppes, Gal

Year: 2020

Title: When Facebook and finals collide - procrastinatory social media usage predicts enhanced anxiety☆

Journal: Computers in Human Behavior

Volume: 109

Pages: 106358

Start Page: 106358

Date: 2020/08/01/

ISSN: 0747-5632

DOI: https://doi.org/10.1016/j.chb.2020.106358

Keywords: Social networks

Anxiety

Self-control

Procrastination

Facebook

Abstract: In the digital age we live in, refraining from procrastinatory social media usage, particularly when conflicting with highly valued goal pursuit, can result in failure and subsequent negative psychological outcomes. Despite mounting interest, existing evidence remains correlational and restricted to mundane contexts. To fill these gaps the current two study investigation provides converging ecological and causal evidence for the influence of procrastinatory social media usage on subsequent anxiety. Study 1 used longitudinal unobtrusive measurement of actual procrastinatory Facebook usage (using designated software) together with experience-sampling, during real-life academic exam preparation period. Findings showed that enhanced procrastinatory Facebook usage predicted increased levels of anxiety over time. Further evidence provided inferences regarding the likely ordering of this association, by ruling out a reversed directionality between anxiety and subsequent Facebook usage. Providing direct causal evidence, Study 2 created a laboratory exam context conceived as highly predictive of academic success, that directly manipulated whether actual Facebook usage was procrastinatory or not, prior to examining its influence on anxiety. Supporting predictions, only when Facebook was used instead of studying, it resulted in enhanced anxiety. The present investigation illuminates when and why social media usage leads to adverse psychological consequences.

URL: http://www.sciencedirect.com/science/article/pii/S0747563220301114

 

 

Author: Sternberg, Nurit, Luria, Roy and Sheppes, Gal

Year: 2018

Title: For whom is social-network usage associated with anxiety? The moderating role of neural working-memory filtering of Facebook information

Journal: Cognitive, Affective, & Behavioral Neuroscience

Volume: 18

Issue: 6

Pages: 1145-1158

Epub Date: 2018/08/11

Date: 2018/12/01

ISSN: 1531-135X

DOI: 10.3758/s13415-018-0627-z

Accession Number: 30094562

Keywords: Adult

Anxiety/*physiopathology/psychology

Brain/*physiopathology

Electroencephalography

Female

Humans

Male

Memory, Short-Term/*physiology

Mental Health

*Social Media

*Social Networking

Students

Young Adult

*Anxiety

*eeg

*Facebook

*Filtering

*Online social networks

*Working memory

Abstract: Is Facebook usage bad for mental health? Existing studies provide mixed results, and direct evidence for neural underlying moderators is lacking. We suggest that being able to filter social-network information from accessing working memory is essential to preserve limited cognitive resources to pursue relevant goals. Accordingly, among individuals with impaired neural social-network filtering ability, enhanced social-network usage would be associated with negative mental health. Specifically, participants performed a novel electrophysiological paradigm that isolates neural Facebook filtering ability. Participants’ actual Facebook behavior and anxious symptomatology were assessed. Confirming evidence showed that enhanced Facebook usage was associated with anxious symptoms among individuals with impaired neural Facebook filtering ability. Although less robust and tentative, additional suggestive evidence indicated that this specific Facebook filtering impairment was not better explained by a general filtering deficit. These results involving a neural social-network filtering moderator, may help understand for whom increased online social-network usage is associated with negative mental health.

URL: https://doi.org/10.3758/s13415-018-0627-z

 

 

Author: Tabansky, Lior

Year of Conference: 2016

Title: Towards a Theory of Cyber Power: The Israeli Experience with Innovation and Strategy

Conference Name: 8th International Conference on Cyber Conflict (CyCon)

Conference Location: Tallinn, Estonia

Publisher: IEEE & NATO CCDCOE

Pages: 51-63

DOI: 10.1109/CYCON.2016.7529426

Place Published: Tallinn, Estonia

Year Published: 2016

Proceedings Title: Cyber Power

URL: https://ccdcoe.org/sites/default/files/multimedia/pdf/Art%2004%20Towards%20a%20Theory%20of%20Cyber%20Power%20-%20the%20Israeli%20Experience%20with%20Innovation%20and%20Strategy.pdf

https://ieeexplore.ieee.org/document/7529426?arnumber=7529426

 

 

Author: Tabansky, Lior

Year: 2017

Title: Cybered Influence Operations: towards a scientific research agenda

Journal: Security Policy Library - The Norwegian Atlantic Comittee

Volume: 2017

Issue: 2

Pages: 36

Date: December

ISSN: 0802-6602

URL: http://www.atlanterhavskomiteen.no/nettsider/dnak/publikasjoner/sikkerhetspolitisk-bibliotek h

 

 

Author: Tabansky, Lior

Year: 2018

Title: Sticking to their Guns: The Missing RMA for Cybersecurity

Journal: Military Cyber Affairs

Volume: 3

Issue: 2

Pages: 23

Date: June

Alternate Journal: The Journal of the Military Cyber Professionals Association

ISSN: 2378-0789

DOI: https://doi.org/10.5038/2378-0789.3.1.1039

Abstract: Why has cybered conflict disrupted the security of the most developed nations? A foreign adversary contemplating an attack on a developed nation's heartland certainly faces multiple state-run military-grade lines of defense on land, sea and air. A foreign adversary launching a direct cyber-attack on a non-military homeland target will meet none. Armed forces do not shield a society from cyber-attacks originated by foreign adversaries, no longer provide a buffer between the enemy and homeland, nor can they identify the attacker after an attack occurred.

Adversaries succeed in waging cybered conflict against the U.S. and its allies. Having repeatedly inflicted economic and social harm while evading retaliation, adversaries become brazen. To prevail in cybered conflict, we need to return to the very foundations of our defense.

However, profound defense adaptation is especially problematic for dominant militaries. To develop my argument, I turn to analyze a Stuxnet-like scenario using the Revolution in ‎Military Affairs (RMA) concept of Security Studies and the paradigm shift concept of philosophy of science. Security Studies theory, philosophy of science and empirical evidence all suggest that profound defense adaptation demands pressure from outside the expert organization. I argue that Security Studies theory and empirical evidence, including Israel’s defense adaptation following short-range rocket threat, suggest that civilian outsiders coalescing with military partners can successfully drive defense adaptation.

To secure the Western world order, the U.S. and its allies need to rearrange their security forces, leveraging the experience accumulated through centuries.

URL: http://scholarcommons.usf.edu/mca/vol3/iss1/3      

 

 

Author: Tabansky, Lior and Ben Israel, Isaac

Year: 2015

Title: Geopolitics and Israeli Strategy

Book Title: Cybersecurity in Israel

Publisher: Springer International Publishing

Pages: 9-14

Chapter: 2

Series Title: SpringerBriefs in Cybersecurity

ISBN: 978-3-319-18985-7

DOI: 10.1007/978-3-319-18986-4_2

Keywords: National security concept

Grand strategy

Cybersecurity

Arab-Israeli conflict

‘Iron Wall’

Quality

Qualitative superiority

URL: http://dx.doi.org/10.1007/978-3-319-18986-4_2

Language: English

 

 

Author: Tabansky, Lior and Ben Israel, Isaac

Year: 2015

Title: The National Innovation Ecosystem of Israel

Book Title: Cybersecurity in Israel

Publisher: Springer International Publishing

Pages: 15-30

Chapter: 3

Series Title: SpringerBriefs in Cybersecurity

ISBN: 978-3-319-18985-7

DOI: 10.1007/978-3-319-18986-4_3

Keywords: Innovation

Ecosystem

Science

R&D policy

Tel Aviv University

IDF

R&D expenditure

GERD

BERD

H2020

FP7

Office of the Chief Scientist OCS

Maf’at

Talpiot

Atuda

Yozma

Venture Capital

CyberSpark

CyberGym

URL: http://dx.doi.org/10.1007/978-3-319-18986-4_3

 

 

Author: Tabansky, Lior and Ben Israel, Isaac

Year: 2015

Title: Mid-1990s: The Prequel for National Cybersecurity Policy

Book Title: Cybersecurity in Israel

Publisher: Springer International Publishing

Pages: 31-34

Chapter: 4

Series Title: SpringerBriefs in Cybersecurity

ISBN: 978-3-319-18985-7

DOI: 10.1007/978-3-319-18986-4_4

Keywords: Disruption

Information assurance

Critical infrastructure

e-Government

Tehila

Distributed denial-of-service attack (DDoS)

URL: http://dx.doi.org/10.1007/978-3-319-18986-4_4

 

Author: Tabansky, Lior and Ben Israel, Isaac

Year: 2015

Title: The Israeli National Cybersecurity Policy Focuses on Critical Infrastructure Protection (CIP)

Book Title: Cybersecurity in Israel

Publisher: Springer International Publishing

Pages: 35-41

Chapter: 5

Series Title: SpringerBriefs in Cybersecurity

ISBN: 978-3-319-18985-7

DOI: 10.1007/978-3-319-18986-4_5

Keywords: Cybersecurity

Critical infrastructure

Critical infrastructure protection (CIP)

Regulation

B/84

National Information Security Authority (NISA)

Re’em

ISA

Shabak

Tel Aviv Stock Exchange (TASE)

URL: http://dx.doi.org/10.1007/978-3-319-18986-4_5

 

 

Author: Tabansky, Lior and Ben Israel, Isaac

Year: 2015

Title: Seeking Cyberpower: The National Cyber Initiative, 2010

Book Title: Cybersecurity in Israel

Publisher: Springer International Publishing

Pages: 43-48

Chapter: 6

Series Title: SpringerBriefs in Cybersecurity

ISBN: 978-3-319-18985-7

DOI: 10.1007/978-3-319-18986-4_6

Keywords: Cybersecurity

Innovation

Science

R&D policy

Multi-stakeholder

Tel Aviv University

External expert review

National cyber-initiative

URL: http://dx.doi.org/10.1007/978-3-319-18986-4_6

 

 

Author: Tabansky, Lior and Ben Israel, Isaac

Year: 2015

Title: The National Cyber-Strategy of Israel and the INCB

Book Title: Cybersecurity in Israel

Publisher: Springer International Publishing

Pages: 49-54

Chapter: 7

Series Title: SpringerBriefs in Cybersecurity

ISBN: 978-3-319-18985-7

DOI: 10.1007/978-3-319-18986-4_7

Keywords: INCB

National cyber-strategy

National cyber-policy

Resolution 3611

Global cyber-power

Critical infrastructure protection

CIP

CERT

Innovation

Cyber-industry

Growth engine

Interdisciplinary Cyber Research Centre (ICRC)

Science policy

URL: http://dx.doi.org/10.1007/978-3-319-18986-4_7

 

 

Author: Tabansky, Lior and Ben Israel, Isaac

Year: 2015

Title: Towards Comprehensive National Cybersecurity

Book Title: Cybersecurity in Israel

Publisher: Springer International Publishing

Pages: 55-61

Chapter: 8

Series Title: SpringerBriefs in Cybersecurity

ISBN: 978-3-319-18985-7

DOI: 10.1007/978-3-319-18986-4_8

Keywords: ISA

INCB

National Cyber Security Authority

NCSA

CIP

Resolution 3611

Resolution 2443

Resolution 2444

URL: http://dx.doi.org/10.1007/978-3-319-18986-4_8

 

 

Author: Tabansky, Lior and Ben Israel, Isaac

Year: 2015

Title: Striking with Bits? The IDF and Cyber-Warfare

Book Title: Cybersecurity in Israel

Publisher: Springer International Publishing

Pages: 63-69

Chapter: 9

Series Title: SpringerBriefs in Cybersecurity

ISBN: 978-3-319-18985-7

DOI: 10.1007/978-3-319-18986-4_9

Keywords: IDF

Cyber-warfare

C4I

IAF

Unit 8200

Institute for National Security Studies (INSS)

Operation Orchard

Natanz

Stuxnet

Olympic games

Attribution

Deterrence

URL: http://dx.doi.org/10.1007/978-3-319-18986-4_9

 

 

Author: Tabansky, Lior and Ben Israel, Isaac

Year: 2015

Title: Conclusion: From Cybersecurity to Cyberpower

Book Title: Cybersecurity in Israel

Publisher: Springer International Publishing

Pages: 71-73

Chapter: 10

Series Title: SpringerBriefs in Cybersecurity

ISBN: 978-3-319-18985-7

DOI: 10.1007/978-3-319-18986-4_10

Keywords: Cybersecurity

Cyberpower

Innovation ecosystem

Qualitative edge

R&D

National Cyber Initiative

INCB

NCSA

Open society

Israel

Strategy

URL: http://dx.doi.org/10.1007/978-3-319-18986-4_10

 

 

Author: Tabansky, Lior and Ben-Israel, Isaac

Year: 2015

Title: Cybersecurity in Israel

Series Editor: Gaycken, Sandro

Series Title: SpringerBriefs in Cybersecurity

Publisher: Springer

Date: August

URL: http://www.springer.com/series/10634

 

 

Author: Trabish, David, Mattavelli, Andrea, Rinetzky, Noam and Cadar, Cristian

Year of Conference: 2018

Title: Chopped Symbolic Execution

Conference Name: ICSE 2018: 40th International Conference on Software Engineering

Conference Location: Gothenburg, Sweden

Volume: Technical Papers

Date: May 27 - 3 June 2018

URL: https://www.icse2018.org/event/icse-2018-technical-papers-chopped-symbolic-execution

http://www.cs.tau.ac.il/~maon/pubs/2018-icse.pdf

https://www.computer.org/publications/tech-news/events/the-2018-international-conference-on-software-engineering-breaks-attendance-records-as-it-celebrates-its-40th-anniversary

 

 

Author: Tzezana, Roey

Year: 2016

Title: Scenarios for crime and terrorist attacks using the internet of things

Journal: European Journal of Futures Research

Volume: 4

Issue: 1

Pages: 18

Date: December 01

Type of Article: journal article

ISSN: 2195-2248

DOI: 10.1007/s40309-016-0107-z

Abstract: The Internet of Things is a paradigm in which everyday items are connected to the internet and share information with other devices. This new paradigm is rapidly becoming a reality in the developed world, and while it holds an immensely positive potential, it also means that criminals and terrorists would be able to influence the physical world from the comfort of their homes. We can expect that hackers, ransomwares, viruses, spywares and many of the other woes of the internet today will migrate to the internet of things as well. In this research we used General Morphological Analysis and brought together fifty experts on an online platform to develop novel scenarios about the crimes and terrorist acts of the future. The experts developed 21 scenarios, which were then ranked according to their plausibility. We provide a brief description of every scenario, and focus particularly on the four most plausible ones: blackmailing by connecting to smart homes, gaining insider information from wearable devices and using it for financial gains, assaulting a smart city through the internet, and performing sex crimes via connected items in the smart home.

URL: https://link.springer.com/article/10.1007%2Fs40309-016-0107-z

 

 

Author: Tzezana, Roey

Year: 2017

Title: High-probability and wild-card scenarios for future crimes and terror attacks using the Internet of Things

Journal: Foresight

Volume: 19

Issue: 1

Pages: 1-14

Start Page: 1

ISSN: 1463-6689

DOI: 10.1108/FS-11-2016-0056

Keywords: Internet of Things,Security,Terrorism,Morphological analysis,Cybersecurity,Scenario development

Abstract: This paper provides high-probability and wild-card scenarios scenarios about future crimes and terror attacks relying on the Internet of Things (IoT) indicating that the IoT is set to have a dramatic role in crime and terror attacks in future.

URL: https://www.emeraldinsight.com/doi/abs/10.1108/FS-11-2016-0056 

 

 

Author: Wan, Zhiyuan, Bao, Lingfeng, Gao, Debin, Toch, Eran, Xia, Xin, Mendel, Tamir and Lo, David

Year: 2019

Title: AppMoD: Helping Older Adults Manage Mobile Security with Online Social Help

Journal: Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies

Volume: 3

Issue: 4

Pages: Article 154

Start Page: 1

ISSN: 2474-9567

2474-9567

DOI: 10.1145/3369819

Keywords: Mobile smartphones, security, decision delegation, older adults

Abstract: The rapid adoption of Smartphone devices has caused increasing security and privacy risks and breaches. Catching up with ever-evolving contemporary smartphone technology challenges leads older adults (aged 50+) to reduce or to abandon their use of mobile technology. To tackle this problem, we present AppMoD, a community-based approach that allows delegation of security and privacy decisions a trusted social connection, such as a family member or a close friend. The trusted social connection can assist in the appropriate decision or make it on behalf of the user. We implement the approach as an Android app and describe the results of three user studies (n=50 altogether), in which pairs of older adults and family members used the app in a controlled experiment. Using app anomalies as an ongoing case study, we show how delegation improves the accuracy of decisions made by older adults. Also, we show how combining decision-delegation with crowdsourcing can enhance the advice given and improve the decision-making process. Our results suggest that a community-based approach can improve the state of mobile security and privacy.

URL: https://doi.org/10.1145/3369819

 

 

Author: Yaakov, Yoav Ben, Wang, Xinrun, Meyer, Joachim and An, Bo

Year of Conference: 2019

Title: Choosing Protection: User Investments in Security Measures for Cyber Risk Management

Conference Name: GameSec 2019: Decision and Game Theory for Security

Publisher: Springer

Pages: 33-44

Date: 23 October 2019

ISBN: 978-3-030-32430-8

DOI: https://doi.org/10.1007/978-3-030-32430-8_3

Proceedings Title: Lecture Notes in Computer Science book series (LNCS, volume 11836).

International Conference on Decision and Game Theory for Security.

Keywords: Decision making; Cyber insurance; Cybersecurity;

Abstract: Firewalls, Intrusion Detection Systems (IDS), and cyber-insurance are widely used to protect against cyber-attacks and their consequences. The optimal investment in each of these security measures depends on the likelihood of threats and the severity of the damage they cause, on the user’s ability to distinguish between malicious and non-malicious content, and on the properties of the different security measures and their costs. We present a model of the optimal investment in the security measures, given that the effectiveness of each measure depends partly on the performance of the others. We also conducted an online experiment in which participants classified events as malicious or non-malicious, based on the value of an observed variable. They could protect themselves by investing in a firewall, an IDS or insurance. Four experimental conditions differed in the optimal investment in the different measures. Participants tended to invest preferably in the IDS, irrespective of the benefits from this investment. They were able to identify the firewall and insurance conditions in which investments were beneficial, but they did not invest optimally in these measures. The results imply that users’ intuitive decisions to invest resources in risk management measures are likely to be non-optimal. It is important to develop methods to help users in their decisions.

URL: https://link.springer.com/chapter/10.1007/978-3-030-32430-8_3

 

 

Author: Yu, Jiyong, Yan, Mengjia, Khyzha, Artem, Morrison, Adam, Torrellas, Josep and Fletcher, Christopher W.

Year of Conference: 2019

Title: Speculative Taint Tracking (STT): A Comprehensive Protection for Speculatively Accessed Data

Conference Name: MICRO '52: the 52nd Annual IEEE/ACM International Symposium on Microarchitecture

Conference Location: Columbus, OH, USA

Publisher: Association for Computing Machinery

Pages: 954–968

Date: October

Sponsor: SIGMICRO, IEEE CS

DOI: 10.1145/3352460.3358274

Proceedings Title: Proceedings of the 52nd Annual IEEE/ACM International Symposium on Microarchitecture

Keywords: Speculative execution attacks, Security, Information flow, Hardware

Abstract: Speculative execution attacks present an enormous security threat, capable of reading arbitrary program data under malicious speculation, and later exfiltrating that data over microarchitectural covert channels. Since these attacks first rely on being able to read arbitrary data (potential secrets), a conservative approach to defeat all attacks is to delay the execution of instructions that read those secrets, until those instructions become non-speculative.

 

This paper's premise is that it is safe to execute and selectively forward the results of speculative instructions that read secrets, which improves performance, as long as we can prove that the forwarded results do not reach potential covert channels. We propose a comprehensive hardware protection based on this idea, called Speculative Taint Tracking (STT), capable of protecting all speculatively accessed data.

 

Our work addresses two key challenges. First, to safely selectively forward secrets, we must understand what instruction(s) can form covert channels. We provide a comprehensive study of covert channels on speculative microarchitectures, and use this study to develop hardware mechanisms that block each class of channel. Along the way, we find new classes of covert channels related to implicit flow on speculative machines. Second, for performance, it is essential to disable protection on previously protected data, as soon as doing so is safe. We identify that the earliest time is when the instruction(s) producing the protected data become non-speculative, and design a novel microarchitecture for disabling protection at this moment.

 

We provide an extensive formal analysis showing that STT enforces a novel form of non-interference, with respect to all speculatively accessed data. We further evaluate STT on 21 SPEC and 9 PARSEC workloads, and find it adds only 8.5%/14.5% overhead (depending on attack model) relative to an insecure machine, while reducing overhead by 4.7×/18.8× relative to a baseline secure scheme.

URL: https://doi.org/10.1145/3352460.3358274

https://www.cs.tau.ac.il/~mad/publications/micro2019-stt.pdf

 

 

Author: Zilberman, Noa and Shavitt, Yuval

Year: 2016

Title: Setting the Foundations for PoP-Based Internet Evolution Models

Journal: arXiv preprint arXiv:1612.04096

URL: https://arxiv.org/abs/1612.04096v2

 

 

Author: Zrahia, Aviram

Year: 2018

Title: Threat intelligence sharing between cybersecurity vendors: Network, dyadic, and agent views

Journal: Journal of Cybersecurity

Volume: 4

Issue: 1

Pages: tyy008-tyy008

ISSN: 2057-2085

DOI: 10.1093/cybsec/tyy008

Abstract: Real-time actionable threat intelligence is an emerging defense concept focused on detection and mitigation of cyber threats. The sharing of this information between parties reduces duplication of effort and allows one organization’s detection to become another’s prevention. Although there are deployments of threat intelligence sharing across different sectors, the partnerships formed between vendors in the cybersecurity market space have a significant coopetition attribute. This article aims to improve the understanding of those relationships through an empirical study by answering questions such as the following. What insights can be derived from the network structure formed between the vendors? What are the characteristics of the established relationships? Are there any properties that are common among sharing firms? The research is based on a uniquely coded dataset of vendors and their threat-sharing relationships studied from industry, dyadic, and firm perspectives. The methodology relies on a deductive-reasoning top-down approach and utilizes graph visualization and statistical analysis tools. The key findings are as follows: (i) the cybersecurity industry exhibits a small-world structure associated with communities, suitable for effective intelligence sharing, (ii) the collaborations are characterized by coopetition between loosely integrated complementary solutions, and (iii) the number of threat-sharing relationships of a firm is positively associated with its innovation level; the effect size is nearly three times stronger among publicly traded companies than privately held companies. The article aims to contribute to both domain knowledge and methodology by discussing a distinctive statistical and visual view of the analyzed ecosystem in the context of cyberspace and integrating multidisciplinary theoretical constructs into the researched domain from different study perspectives. The results may be used by security vendors, policy decision makers, and regulation authorities to assess the market dynamics, and the methodology and lessons can be generalized and applied to other domains.

URL: http://dx.doi.org/10.1093/cybsec/tyy008

 

 

Author: כהן, דניאל and ברעם, גיל

Year: 2018

Title: שימוש בלוחמת סייבר למבצעי השפעה צבאיים

Journal: מערכות

Volume: 480-481

Issue: 64-69

URL: http://maarachot.idf.il/PDF/FILES/4/114324.pdf

Translated Author: Cohen, Daniel and Baram, Gil

Translated Title: The use of cyberwarfare in military Influence Operations | Maa'rachot - IDF Journal

 

 

 

Tel Aviv University makes every effort to respect copyright. If you own copyright to the content contained
here and / or the use of such content is in your opinion infringing, Contact us as soon as possible >>