• Main
  • Publications

    The Blavatnik ICRC prides itself on facilitating interdisciplinary and global cyber scientific research.

    The cumulative research outputs of the research funded is listed in ascending alphabetical order.

     

    Author: Adamsky, Dmitry

    Year: 2017

    Title: The Israeli Odyssey toward its National Cyber Security Strategy

    Journal: The Washington Quarterly

    Volume: 40

    Issue: 2

    Pages: 113-127

    Start Page: 113

    Date: 2017/04/03

    ISSN: 0163-660X

    DOI: 10.1080/0163660X.2017.1328928

    URL: http://dx.doi.org/10.1080/0163660X.2017.1328928

     

     

    Author: Adamsky, Dmitry

    Year: 2018

    Title: From Moscow with coercion: Russian deterrence theory and strategic culture

    Journal: Journal of Strategic Studies

    Volume: 41

    Issue: 1-2

    Pages: 33-60

    Start Page: 33

    Date: 2018/02/23

    ISSN: 0140-2390

    DOI: 10.1080/01402390.2017.1347872

    Abstract: ABSTRACT The recent Russian approach to strategy has linked nuclear, conventional and informational (cyber) tools of influence into one integrated mechanism. The article traces the intellectual history of this Russian cross-domain concept, discusses its essence and highlights its destabilising effects. By analysing a case outside of Western strategic thought, it demonstrates how strategic concepts evolve differently in various cultural realms and argues for a tailored approach for exploring coercion policies of different actors. The findings of the study are applicable beyond the Russian case, and relevant to scholars and actors exploring, utilising or responding to cross-domain coercion strategy.

    URL: https://doi.org/10.1080/01402390.2017.1347872

     

     

    Author: Afek, Yehuda, Bremler-Barr, Anat, Cohen, Edith, Feibish, Shir Landau and Shagam, Michal

    Year: 2016

    Title: Efficient Distinct Heavy Hitters for DNS DDoS Attack Detection

    Journal: arXiv preprint arXiv:1612.02636

    URL: https://arxiv.org/abs/1612.02636

     

     

    Author: Afek, Yehuda, Bremler-Barr, Anat and Landau-Feibish, Shira

    Year: 2019

    Title: Zero-Day Signature Extraction for High-Volume Attacks

    Journal: IEEE/ACM Transactions on Networking

    Volume: 27

    Issue: 2

    Pages: 691-706

    Start Page: 691

    ISSN: 1063-6692

    DOI: 10.1109/TNET.2019.2899124

    Keywords: Computer crime

    Tools

    Malware

    IEEE transactions

    Computer science

    Grippers

    High volume attacks

    DDoS

    zero-day attacks

    signature extraction

    heavy hitters

    Abstract: We present a basic tool for zero day attack signature extraction. Given two large sets of messages, <inline-formula> <tex-math notation="LaTeX">$P$ </tex-math></inline-formula> the messages captured in the network at peacetime (i.e., mostly legitimate traffic) and <inline-formula> <tex-math notation="LaTeX">$A$ </tex-math></inline-formula> the messages captured during attack time (i.e., contains many attack messages), we present a tool for extracting a set <inline-formula> <tex-math notation="LaTeX">$S$ </tex-math></inline-formula> of strings that are frequently found in <inline-formula> <tex-math notation="LaTeX">$A$ </tex-math></inline-formula> and not in <inline-formula> <tex-math notation="LaTeX">$P$ </tex-math></inline-formula>, thus allowing the identification of the attack packets. This is an important tool in protecting sites on the Internet from worm attacks and distributed denial of service attacks and may also be useful for other problems, including command and control identification and the DNA-sequences analysis. The main contributions of this paper are the system we developed to extract the required signatures together with the string-heavy hitters problem definition and the algorithm for solving this problem. This algorithm finds popular strings of variable length in a set of messages, using, in a tricky way, the classic heavy-hitter algorithm as a building block. The algorithm runs in linear time requiring one-pass over the input. Our system makes use of this algorithm to extract the desired signatures. Furthermore, we provide an extended algorithm which is able to identify groups of signatures, often found together in the same packets, which further improves the quality of signatures generated by our system. Using our system, a yet unknown attack can be detected and stopped within minutes from attack start time.

    URL: https://ieeexplore.ieee.org/abstract/document/8661792

    https://doi.org/10.1109/TNET.2019.2899124

     

     

    Title: Maintaining the Union of Unit Discs under Insertions with Near-Optimal Overhead

    Journal: arXiv preprint arXiv:1903.10943

    Abstract: We present efficient data structures for problems on unit discs and arcs of their boundary in the plane. (i) We give an output-sensitive algorithm for the dynamic maintenance of the union of n unit discs under insertions in O(klog2n) update time and O(n) space, where k is the combinatorial complexity of the structural change in the union due to the insertion of the new disc. (ii) As part of the solution of (i) we devise a fully dynamic data structure for the maintenance of lower envelopes of pseudo-lines, which we believe is of independent interest. The structure has O(log2n) update time and O(logn) vertical ray shooting query time. To achieve this performance, we devise a new algorithm for finding the intersection between two lower envelopes of pseudo-lines in O(logn) time, using \emph{tentative} binary search; the lower envelopes are special in that at x=−∞ any pseudo-line contributing to the first envelope lies below every pseudo-line contributing to the second envelope. (iii) We also present a dynamic range searching structure for a set of circular arcs of unit radius (not necessarily on the boundary of the union of the corresponding discs), where the ranges are unit discs, with O(nlogn) preprocessing time, O(n1/2+ε+ℓ) query time and O(log2n) amortized update time, where ℓ is the size of the output and for any ε>0. The structure requires O(n) storage space.

    URL: https://arxiv.org/abs/1903.10943

     

     

    Author: Agarwal, Pankaj K., Cohen, Ravid, Halperin, Dan and Mulzer, Wolfgang

    Year: 2019

    Title: Dynamic Maintenance of the Lower Envelope of Pseudo-Lines

    Conference Name: CoRR European conference on Computational Geometry

    Volume: abs/1902.09565

    Date: /

    URL: http://arxiv.org/abs/1902.09565

     

     

    Author: Akavia, Adi, Leibovich, Max, Resheff, Yehezkel S, Ron, Roey, Shahar, Moni and Vald, Margarita

    Year: 2019

    Title: Privacy-Preserving Decision Tree Training and Prediction against Malicious Server

    Journal: ACR Cryptology ePrint report 2019/1282

    Abstract: Privacy-preserving machine learning enables secure outsourcing of machine learning tasks to an untrusted service provider (server) while preserving the privacy of the user's data (client). Attaining good concrete efficiency for complicated machine learning tasks, such as training decision trees, is one of the challenges in this area. Prior works on privacy-preserving decision trees required the parties to have comparable computational resources, and instructed the client to perform computation proportional to the complexity of the entire task. In this work we present new protocols for privacy-preserving decision trees, for both training and prediction, achieving the following desirable properties: 1. Efficiency: the client's complexity is independent of the training-set size during training, and of the tree size during prediction. 2. Security: privacy holds against malicious servers. 3. Practical usability: high accuracy, fast prediction, and feasible training demonstrated on standard UCI datasets, encrypted with fully homomorphic encryption. To the best of our knowledge, our protocols are the first to offer all these properties simultaneously. The core of our work consists of two technical contributions. First, a new low-degree polynomial approximation for functions, leading to faster protocols for training and prediction on encrypted data. Second, a design of an easy-to-use mechanism for proving privacy against malicious adversaries that is suitable for a wide family of protocols, and in particular, our protocols; this mechanism could be of independent interest.

    Research Notes: 911

    URL: ia.cr/2019/1282

    https://eprint.iacr.org/2019/1282.pdf

     

     

    Author: Akavia, Adi, Shaul, Hayim, Weiss, Mor and Yakhini, Zohar

    Year: 2019

    Title: Linear-Regression on Packed Encrypted Data in the Two-Server Model

    Conference Name: WAHC'19: 7th ACM Workshop on Encrypted Computing & Applied Homomorphic Cryptography

    Conference Location: London, United Kingdom

    Publisher: Association for Computing Machinery

    Pages: 21–32

    Date: November

    DOI: 10.1145/3338469.3358942

    Keywords: homomorphic encryption, privacy-preserving machine learning, rlwe, packing, linear regression, single instruction multiple data

    Abstract: Developing machine learning models from federated training data, containing many independent samples, is an important task that can significantly enhance the potential applicability and prediction power of learned models. Since single users, like hospitals or individual labs, typically collect data-sets that do not support accurate learning with high confidence, it is desirable to combine data from several users without compromising data privacy. In this paper, we develop a privacy-preserving solution for learning a linear regression model from data collectively contributed by several parties ("data owners''). Our protocol is based on the protocol of Giacomelli et al. (ACNS 2018) that utilized two non colluding servers and Linearly Homomorphic Encryption (LHE) to learn regularized linear regression models. Our methods use a different LHE scheme that allows us to significantly reduce both the number and runtime of homomorphic operations, as well as the total runtime complexity. Another advantage of our protocol is that the underlying LHE scheme is based on a different (and post-quantum secure) security assumption than Giacomelli et al. Our approach leverages the Chinese Remainder Theorem, and Single Instruction Multiple Data representations, to obtain our improved performance. For a 1000 x 40 linear regression task we can learn a model in a total of 3 seconds for the homomorphic operations, compared to more than 100 seconds reported in the literature. Our approach also scales up to larger feature spaces: we implemented a system that can handle a 1000 x 100 linear regression task, investing minutes of server computing time after a more significant offline pre-processing by the data owners. We intend to incorporate our protocol and implementations into a comprehensive system that can handle secure federated learning at larger scales.

    URL: https://doi.org/10.1145/3338469.3358942

     

     

    Author: Alon, Noga, Azar, Yossi and Berlin, Mark

    Year of Conference: 2018

    Title: The Price of Bounded Preemption

    Conference Name: Proceedings of the 30th on Symposium on Parallelism in Algorithms and Architectures

    Publisher: ACM

    Pages: 301-310

    ISBN: 1450357997

    URL: https://www.tau.ac.il/~nogaa/PDFS/preemption1.pdf

     

     

    Author: Amar, Hen, Bao, Lingfeng, Busany, Nimrod, Lo, David and Maoz, Shahar

    Year: 2018

    Title: Using finite-state models for log differencing

    Conference Name: Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering

    Conference Location: Lake Buena Vista, FL, USA

    Publisher: ACM

    Pages: 49-59

    DOI: 10.1145/3236024.3236069

    Place Published: 3236069

     

     

    Author: Amir, Eli, Levi, Shai and Livne, Tsafrir

    Year: 2018

    Title: Do firms underreport information on cyber-attacks? Evidence from capital markets

    Journal: Review of Accounting Studies

    Volume: 23

    Issue: 3

    Pages: 1177-1206

    Start Page: 1177

    Date: September 01

    Type of Article: journal article

    ISSN: 1573-7136

    DOI: 10.1007/s11142-018-9452-4

    Abstract: Firms should disclose information on material cyber-attacks. However, because managers have incentives to withhold negative information, and investors cannot discover most cyber-attacks independently, firms may underreport them. Using data on cyber-attacks that firms voluntarily disclosed, and those that were withheld and later discovered by sources outside the firm, we estimate the extent to which firms withhold information on cyber-attacks. We find withheld cyber-attacks are associated with a decline of approximately 3.6% in equity values in the month the attack is discovered, and disclosed attacks with a substantially lower decline of 0.7%. The evidence is consistent with managers not disclosing negative information below a certain threshold and withholding information on the more severe attacks. Using the market reactions to withheld and disclosed attacks, we estimate that managers disclose information on cyber-attacks when investors already suspect a high likelihood (40%) of an attack.

    URL: https://doi.org/10.1007/s11142-018-9452-4

     

     

    Author: Applebaum, Benny and Arkis, Barak

    Year of Conference: 2018

    Title: On the power of amortization in secret sharing: d-uniform secret sharing and CDS with constant information rate

    Conference Name: TCC Theory of Cryptography Conference

    Conference Location: Panaji, India

    Publisher: Springer

    Pages: 317-344

    DOI: https://doi.org/10.1007/978-3-030-03807-6_12

     

     

    Author: Applebaum, Benny, Holenstein, Thomas, Mishra, Manoj and Shayevitz, Ofer

    Year of Conference: 2018

    Title: The Communication Complexity of Private Simultaneous Messages, Revisited

    Editor: Nielsen, Jesper Buus and Rijmen, Vincent

    Conference Name: Advances in Cryptology–EUROCRYPT 2018: 37th Annual International Conference on the Theory and Applications of Cryptographic Techniques

    Conference Location: Tel Aviv, Israel

    Publisher: Springer

    Volume: 10821

    Pages: 261

    Series Title: Lecture Notes in Computer Science

    Date: April 29-May 3

    ISBN: 3319783750

    URL: https://www.springer.com/gp/book/9783319783802

     

     

     

    Author: Applebaum, Benny, Holenstein, Thomas, Mishra, Manoj and Shayevitz, Ofer

    Year: 2019

    Title: The communication complexity of private simultaneous messages, revisited

    Journal: Journal of Cryptology

    Pages: 1-37

    Date: 17 September

    ISSN: 1432-1378

    Keywords: Information theoretic security; Private simultaneous messages; Conditional disclosure of secrets

    Abstract: Private Simultaneous Message (PSM) protocols were introduced by Feige, Kilian and Naor (STOC ’94) as a minimal non-interactive model for information-theoretic three-party secure computation. While it is known that every function   f:{0,1}k×{0,1}k→{0,1}  admits a PSM protocol with exponential communication of   2k/2  (Beimel et al., TCC ’14), the best known (non-explicit) lower-bound is   3k−O(1)  bits. To prove this lower-bound, FKN identified a set of simple requirements, showed that any function that satisfies these requirements is subject to the   3k−O(1)  lower-bound, and proved that a random function is likely to satisfy the requirements.

    We revisit the FKN lower-bound and prove the following results:

    (Counterexample) We construct a function that satisfies the FKN requirements but has a PSM protocol with communication of   2k+O(1)  bits, revealing a gap in the FKN proof.

    (PSM lower-bounds) We show that, by imposing additional requirements, the FKN argument can be fixed leading to a   3k−O(logk)  lower-bound for a random function. We also get a similar lower-bound for a function that can be computed by a polynomial-size circuit (or even polynomial-time Turing machine under standard complexity-theoretic assumptions). This yields the first non-trivial lower-bound for an explicit Boolean function partially resolving an open problem of Data, Prabhakaran and Prabhakaran (Crypto ’14, IEEE Information Theory ’16). We further extend these results to the setting of imperfect PSM protocols which may have small correctness or privacy error.

     

    (CDS lower-bounds) We show that the original FKN argument applies (as is) to some weak form of PSM protocols which are strongly related to the setting of Conditional Disclosure of Secrets (CDS). This connection yields a simple combinatorial criterion for establishing linear   Ω(k) -bit CDS lower-bounds. As a corollary, we settle the complexity of the Inner Product predicate resolving an open problem of Gay, Kerenidis, and Wee (Crypto ’15).

    Notes: We are grateful to the reviewers of Eurocrypt 2018 and the Journal of Cryptology for the helpful and valuable comments on our manuscript. We especially thank the anonymous JOC referee for detecting a flaw in the original proof of Claims 9 and 13. BA and MM are supported by the European Union’s Horizon 2020 Programme (ERC-StG-2014-2020) under grant agreement no. 639813 ERC-CLC, the Check Point Institute for Information Security, and the Blavatnik Interdisciplinary Cyber Research Center. OS and MM are supported by the European Research Council, under Grant Agreement 639573.

    URL: https://doi.org/10.1007/s00145-019-09334-y

     

     

    Author: Arad, Ayala and Penczynski, Stefan

    Year: 2018

    Title: Multi‐Dimensional Reasoning in Competitive Resource Allocation Games: Evidence from Intra-Team Communication

    Conference Name: Society for the Advancement of Behavioral Economics (SABE) - International Association for Research in Economic Psychology (IAREP) Conference

    Conference Location: London

    Date: July 20

    URL: https://economics.mdx.ac.uk/sabe-2018/program/#papers

     

     

    Author: Arad, Ayala and Rubinstein, Ariel

    Year: 2019

    Title: Multidimensional Reasoning in Games: Framework, Equilibrium, and Applications

    Journal: American Economic Journal: Microeconomics

    Volume: 11

    Issue: 3

    Pages: 285-318

    Start Page: 285

    ISSN: 1945-7669

    1945-7685

    DOI: 10.1257/mic.20170322

    URL: http://www.aeaweb.org/articles?id=10.1257/mic.20170322

    https://m.tau.ac.il/~aradayal/MD.pdf

     

     

    Author: Atias, Aviel, Solovey, Kiril, Salzman, Oren and Halperin, Dan

    Year: 2018

    Title: Effective metrics for multi-robot motion-planning

    Journal: The International Journal of Robotics Research

    Volume: 37

    Issue: 13-14

    Pages: 1741-1759

    Start Page: 1741

    Date: 2018/12/01

    ISSN: 0278-3649

    DOI: 10.1177/0278364918784660

    Abstract: We study the effectiveness of metrics for multi-robot motion-planning (MRMP) when using rapidly-exploring random tree (RRT)-style sampling-based planners. These metrics play the crucial role of determining the nearest neighbors of configurations and in that they regulate the connectivity of the underlying roadmaps produced by the planners and other properties such as the quality of solution paths. After screening over a dozen different metrics we focus on the five most promising ones: two more traditional metrics, and three novel ones, which we propose here, adapted from the domain of shape-matching. In addition to the novel multi-robot metrics, a central contribution of this work are tools to analyze and predict the effectiveness of metrics in the MRMP context. We identify a suite of possible substructures in the configuration space, for which it is fairly easy: (i) to define a so-called natural distance that allows us to predict the performance of a metric, which is done by comparing the distribution of its values for sampled pairs of configurations to the distribution induced by the natural distance; and (ii) to define equivalence classes of configurations and test how well a metric covers the different classes. We provide experiments that attest to the ability of our tools to predict the effectiveness of metrics: those metrics that qualify in the analysis yield higher success rate of the planner with fewer vertices in the roadmap. We also show how combining several metrics together may lead to better results (success rate and size of roadmap) than using a single metric.

    URL: https://doi.org/10.1177/0278364918784660

    Access Date: 2020/03/19

     

     

    Author: Aviram, Nimrod, Schinzel, Sebastian, Somorovsky, Juraj, Heninger, Nadia, Dankel, Maik, Steube, Jens, Valenta, Luke, Adrian, David, Halderman, J Alex and Dukhovni, Viktor

    Year of Conference: 2016

    Title: DROWN: Breaking TLS Using SSLv2

    Conference Name: USENIX Security Symposium

    Pages: 689-706

    URL: https://ai.google/research/pubs/pub45538

    https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/aviram

     

     

    Author: Azar, Yossi, Chiplunkar, Ashish and Kaplan, Haim

    Year of Conference: 2018

    Title: Prophet secretary: Surpassing the 1-1/e barrier

    Conference Name: Proceedings of the 2018 ACM Conference on Economics and Computation

    Publisher: ACM

    Pages: 303-318

    ISBN: 1450358292

    DOI: https://doi.org/10.1145/3219166.3219182

    URL: https://arxiv.org/pdf/1711.01834

     

     

    Author: Azar, Yossi, Cohen, Ilan Reuven and Panigrahi, Debmalya

    Year of Conference: 2018

    Title: Randomized algorithms for online vector load balancing

    Conference Name: Proceedings of the Twenty-Ninth Annual ACM-SIAM Symposium on Discrete Algorithms

    Publisher: Society for Industrial and Applied Mathematics

    Pages: 980-991

    ISBN: 1611975034

    URL: https://dl.acm.org/citation.cfm?id=3175333

    https://www.dcs.warwick.ac.uk/~czumaj/SODA_2018_List_of_accepted_papers.htm

     

     

    Author: Azar, Yossi, Kamara, Seny, Menache, Ishai, Raykova, Mariana and Shepard, Bruce

    Year: 2014

    Title: Co-Location-Resistant Clouds

    Conference Name: Proceedings of the 6th ACM Workshop on Cloud Computing Security

    Conference Location: Scottsdale, Arizona, USA

    Publisher: ACM

    Pages: 9-20

    DOI: 10.1145/2664168.2664179

    URL: https://dl.acm.org/citation.cfm?id=2664179

     

     

    Author: Azar, Yossi and Vainstein, Danny

    Year of Conference: 2017

    Title: Tight bounds for clairvoyant dynamic bin packing

    Conference Name: Proceedings of the 29th ACM Symposium on Parallelism in Algorithms and Architectures

    Publisher: ACM

    Pages: 77-86

    ISBN: 145034593X

    DOI: https://doi.org/10.1145/3087556.3087570

    URL: https://dl.acm.org/citation.cfm?id=3087570

     

     

    Author: Bao, Lingfeng, Busany, Nimrod, Lo, David and Maoz, Shahar

    Year of Conference: 2019

    Title: Statistical Log Differencing

    Conference Name: 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE)

    Pages: 851-862

    Date: 11-15 Nov. 2019

    ISBN: 2643-1572

    DOI: 10.1109/ASE.2019.00084

    Keywords: program testing

    statistical testing

    system monitoring

    statistical log differencing

    statistical hypothesis testing

    statistical significance value

    statistically significant differences

    real-world logs

    software evolution

    software testing

    software security

    s2KDiff

    snKDiff

    Log analysis

    Model inference

    Abstract: Recent works have considered the problem of log differencing: given two or more system's execution logs, output a model of their differences. Log differencing has potential applications in software evolution, testing, and security. In this paper we present statistical log differencing, which accounts for frequencies of behaviors found in the logs. We present two algorithms, s2KDiff for differencing two logs, and snKDiff, for differencing of many logs at once, both presenting their results over a single inferred model. A unique aspect of our algorithms is their use of statistical hypothesis testing: we let the engineer control the sensitivity of the analysis by setting the target distance between probabilities and the statistical significance value, and report only (and all) the statistically significant differences. Our evaluation shows the effectiveness of our work in terms of soundness, completeness, and performance. It also demonstrates its effectiveness compared to previous work via a user-study and its potential applications via a case study using real-world logs.

    URL: https://ieeexplore.ieee.org/document/8952205

     

     

    Author: Baram, Gil, Cohen, Daniel, Shapira, Zeev, Wechsler, Omree, Hight, Nir and Ben-Israel, Isaac

    Year: 2018

    Title: Strategic trends in the global cyber conflict

    Journal: Cyber Security: A Peer-Reviewed Journal

    Volume: 2

    Issue: 3

    Pages: 238-250

    Keywords: cyber security

    China

    Europe

    conflict

    United States

    Russia

    Abstract: The paper reviews the main strategic trends in cyber policy and security in recent years, pointing out the emergence of a new &#8216;cyber escalation cycle&#8217;: while states are investing significant resources to improve their offensive cyber capabilities, these capabilities are subsequently being stolen, publicised and used by hostile countries to launch devastating cyberattacks. This has led governments to pursue legislation to control incoming technology, changing the technological relations between countries. Given the development of enhanced cyber capabilities and the effectiveness of the attacks, we believe that leakage followed by immediate use of the leaked offensive cyber weapons against rival countries will only increase, making this issue even more contentious.

    URL: https://www.ingentaconnect.com/content/hsp/jcs/2018/00000002/00000003/art00006

     

     

    Author: Baram, Gil and Sommer, Udi

    Year of Conference: 2019

    Title: Covert or not Covert: National Strategies During Cyber Conflict

    Conference Name: 2019 11th International Conference on Cyber Conflict (CyCon)

    Conference Location: Tallinn, Estonia

    Publisher: IEEE

    Volume: 900

    Pages: 1-16

    Date: 28-31 May

    ISBN: 2325-5366   978-9949-9904-5-0

    DOI: 10.23919/CYCON.2019.8756682

    Keywords: computer crime

    data privacy

    decision making

    organisational aspects

    covertness

    cyber conflict

    international arena

    cyber operations

    real-world cyber attacks

    covert actions

    national cyber strategies

    Abstract: Anonymity is considered to be a key characteristic of cyber conflict. Indeed, existing accounts in the literature focus on the advantages of the non-disclosure of cyber attacks. Such focus inspires the expectation that countries would opt to maintain covertness. This hypothesis is rejected in an empirical investigation we conducted on victims' strategies during cyber conflict: in numerous cases, victim states choose to publicly reveal the fact that they had been attacked. These counterintuitive findings are important empirically, but even more so theoretically. They motivate an investigation into the decision to forsake covertness. What does actually motivate states to move into the international arena and publicly expose a cyber attack? The goal of this paper is to understand why and under which geopolitical circumstances countries choose to give up the advantages of anonymity. Whether they wish to Name and Shame opponents for ignoring international norms or whether they try to avoid public humiliation, victims of cyber attacks occasionally reveal the fact that they had been attacked. There is tension between such motivations and the will to protect intelligence sources and the incentives to prevent escalation if an attack is revealed, even more so if the attacker is exposed. Indeed, we find that sunk costs, counter-escalation risks and the need to signal resolve-while critical in motivating victims to keep cyber attacks secret-may not suffice under such specific circumstances. By focusing on the victim's side, we draw inspiration from data on real-world cyber attacks in order to place cyber operations in the larger context of secrecy and covert actions in the international arena. In so doing, the aim is to advance the use of empirical data for understanding the dynamics of cyber conflict and the decision-making process of states operating in this increasingly complex domain.

    URL: https://ieeexplore.ieee.org/abstract/document/8756682

     

     

    Author: Barzilay, Ohad, Geva, Hilah, Goldstein, Anat and Oestreicher-Singer, Gal

    Year of Conference: 2018

    Title: Open to Everyone? The Long Tail of the Peer Economy: Evidence from Kickstarter

    Conference Name: 39th International Conference on Information Systems

    Publisher: AIS

    URL: https://aisel.aisnet.org/cgi/viewcontent.cgi?article=1045&context=icis2018

     

     

    Author: Barzilay, Ohad, Geva, Hilah, Goldstein, Anat and Oestreicher-Singer, Gal

    Year: 2018

    Title: Equal Opportunity for All? The Long Tail of Crowdfunding: Evidence From Kickstarter

    Journal: SSRN Electronic Journal

    URL: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3215280

     

     

    Author: Bermanis, Amit, Wolf, Guy and Averbuch, Amir

    Year: 2016

    Title: Diffusion-based kernel methods on Euclidean metric measure spaces

    Journal: Applied and Computational Harmonic Analysis

    Volume: 41

    Issue: 1

    Pages: 190-213

    Start Page: 190

    ISSN: 1063-5203

    DOI: http://dx.doi.org/10.1016/j.acha.2015.07.005

    Abstract: Diffusion-based kernel methods are commonly used for analyzing massive high dimensional datasets. These methods utilize a non-parametric approach to represent the data by using an affinity kernel that represents similarities, distances or correlations between data points. The kernel is based on a Markovian diffusion process, whose transition probabilities are determined by local distances between data points. Spectral analysis of this kernel provides a representation of the data, where Euclidean distances correspond to diffusion distances between data points. When the data lies on a low dimensional manifold, these diffusion distances encompass the geometry of the manifold. In this paper, we present a generalized approach for defining diffusion-based kernels by incorporating measure-based information, which represents the density or distribution of the data, together with its local distances. The generalized construction does not require an underlying manifold to provide a meaningful kernel interpretation but assumes a more relaxed assumption that the measure and its support are related to a locally low dimensional nature of the analyzed phenomena. This kernel is shown to satisfy the necessary spectral properties that are required in order to provide a low dimensional embedding of the data. The associated diffusion process is analyzed via its infinitesimal generator and the provided embedding is demonstrated in two geometric scenarios.

    URL: http://dx.doi.org/10.1016/j.acha.2015.07.005

     

     

    Record Number: 48

    Author: Birnhack, Michael

    Year: 2018

    Title: הגנה על הפרטיות בעיר הדיגיטלית

    Editor: Hatuka, Tali

    Book Title: העיר בעידן הדיגיטלי

    Pages: 56-85

    URL: https://ssrn.com/abstract=3291383

     

     

     

    Author: Birnhack, Michael, Toch, Eran and Hadar, Irit

    Year: 2014

    Title: Privacy Mindset, Technological Mindset

    Journal: Jurimetrics

    Volume: 55

    Issue: 1

    Pages: 55-114

    ISSN: 08971277, 21544344

    Legal Note: Full publication date: FALL 2014

    Abstract: [Policymakers around the world constantly search for new tools to address growing concerns about informational privacy (data protection). One solution that has gained support in recent years among policy makers is Privacy by Design (PbD). The idea is simple: think of privacy ex ante, and embed privacy within the design of a new technological system, rather than try to fix it ex post, when it is often too late. However, PbD is yet to gain an active role in engineering practices. Thus far, there are only a few success stories. This article argues that a major obstacle for PbD is the discursive and conceptual gap between law and technology. A better diagnosis of the gaps between the legal and technological perceptions of privacy is a crucial step in seeking viable solutions. We juxtapose the two fields by reading each field in terms of the other: (1) by reverse engineering the law to expose its hidden assumptions about technology (the law's technological mindset), and (2) by reading canonical technological texts to expose their hidden assumptions about privacy (technology's privacy mindset). This article's focus is on one set of informational privacy practices: the large corporation that collects data from individual data subjects. This dual reverse engineering exercise indicates substantial gaps between the legal perception of informational privacy, as reflected in the set of principles commonly known as Fair Information Practice Principles (FIPPs) and the perceptions of the engineering community. While both information technology and privacy law attempt to regulate the flow of data, they do so in utterly different ways, holding different goals and applying different constraints. The gaps between law and technology point to potential avenues to save PbD.]

    URL: http://www.jstor.org/stable/24395620

     

     

    Author: Busany, Nimrod, Maoz, Shahar and Yulazari, Y.

    Year of Conference: 2019

    Title: Size and Accuracy in Model Inference

    Conference Name: 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE)

    Pages: 887-898

    Date: 11-15 Nov. 2019

    ISBN: 2643-1572

    DOI: 10.1109/ASE.2019.00087

    Keywords: finite state machines

    inference mechanisms

    finite-state models

    execution logs

    classic k-Tails model inference algorithm

    mk-Tails

    fine-grained control

    real-world logs

    Log analysis

    Model inference

    Abstract: Many works infer finite-state models from execution logs. Large models are more accurate but also more difficult to present and understand. Small models are easier to present and understand but are less accurate. In this work we investigate the tradeoff between model size and accuracy in the context of the classic k-Tails model inference algorithm. First, we define mk-Tails, a generalization of k-Tails from one to many parameters, which enables fine-grained control over the tradeoff. Second, we extend mk-Tails with a reduction based on past-equivalence, which effectively reduces the size of the model without decreasing its accuracy. We implemented our work and evaluated its performance and effectiveness on real-world logs as well as on models and generated logs from the literature.

    Research Notes: 879

    URL: https://ieeexplore.ieee.org/document/8952335

     

     

    Author: Carmon, Elad, Seifert, Jean-Pierre and Wool, Avishai

    Year of Conference: 2017

    Title: Photonic side channel attacks against RSA

    Conference Name: 2017 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)

    Conference Location: McLean, VA, USA

    Publisher: IEEE

    Pages: 74-78

    Date: 1-5 May 2017

    DOI: 10.1109/HST.2017.7951801

    Keywords: public key cryptography

    photonic side channel attacks

    public-key cryptosystem

    RSA modular exponentiation

    Karatsuba multiplication method

    decryption

    Montgomery's ladder

    word length 2048 bit

    word length 1024 bit

    word length 32 bit

    word length 64 bit

    Photonics

    Random access memory

    Monitoring

    Integrated circuits

    Transistors

    Cryptography

    Abstract: This paper describes the first attack utilizing the photonic side channel against a public-key crypto-system. We evaluated three common implementations of RSA modular exponentiation, all using the Karatsuba multiplication method. We discovered that the key length had marginal impact on resilience to the attack: attacking a 2048-bit key required only 9% more decryption attempts than a 1024-bit key. We found that the most dominant parameter impacting the attacker's effort is the minimal block size at which the Karatsuba method reverts to naive multiplication: even for parameter values as low as 32 or 64 bits our attacks achieve 100% success rate with under 10,000 decryption operations. Somewhat surprisingly, we discovered that Montgomery's Ladder-commonly perceived as the most resilient of the three implementations to side-channel attacks-was actually the most susceptible: for 2048-bit keys, our attack reveals 100% of the secret key bits with as few as 4000 decryptions.

    URL: https://ieeexplore.ieee.org/abstract/document/7951801

     

     

    Author: Cohen, Ran, Haitner, Iftach, Makriyannis, Nikolaos, Orland, Matan and Samorodnitsky, Alex

    Year: 2019

    Title: On the round complexity of randomized Byzantine agreement

    Conference Name: DISC 2019: 33rd International Symposium on Distributed Computing

    Conference Location: Budapest, Hungary

    Date: October

    Type: arXiv preprint arXiv:1907.11329

    DOI: 10.4230/LIPIcs.DISC.2019.12

    Research Notes: 877

    URL: http://www.cs.tau.ac.il/~iftachh/papers/ByzAgmntLB/BA_Full.pdf

    http://www.dagstuhl.de/dagpub/978-3-95977-126-9

    https://drops.dagstuhl.de/opus/volltexte/2019/11319/pdf/LIPIcs-DISC-2019-12.pdf

     

     

    Author: Cohen, Ravid, Yovel, Yossi and Halperin, Dan

    Year: 2019

    Title: Sensory regimes of effective distributed searching without leaders

    Journal: arXiv preprint arXiv:1904.02895

    URL: https://arxiv.org/pdf/1904.02895

     

     

    Author: Demchak, Chris C and Shavitt, Yuval

    Year: 2018

    Title: China’s Maxim–Leave No Access Point Unexploited: The Hidden Story of China Telecom’s BGP Hijacking

    Journal: Military Cyber Affairs

    Volume: 3

    Issue: 1

    Pages: 7

    ISSN: 2378-0789

    URL: https://doi.org/10.5038/2378-0789.3.1.1050

     

     

    Author: Deutch, Daniel, Moskovitch, Yuval and Rinetzky, Noam

    Year of Conference: 2018

    Title: Towards Hypothetical Reasoning via Provenance Abstraction

    Conference Name: EDBT'18

    URL: https://www.cs.tau.ac.il/~moskovitch1/docs/edbt18.pdf

     

     

    Author: Deutsch, Lior and Horn, David

    Year: 2018

    Title: The Weight-Shape decomposition of density estimates: A framework for clustering and image analysis algorithms

    Journal: Pattern Recognition

    Volume: 81

    Pages: 190-199

    Date: 2018/09/01/

    ISSN: 0031-3203

    DOI: https://doi.org/10.1016/j.patcog.2018.03.034

    Keywords: Density estimate

    Quantum clustering

    Mean-shift clustering

    Maximum entropy

    Image contour extraction

    Abstract: We propose an analysis scheme which addresses the Parzen-window and mixture model methods for estimating the probability density function of data points in feature space. Both methods construct the estimate as a sum of kernel functions (usually Gaussians). By adding an entropy-like function we prove that the probability distribution is a product of a weight function and a shape distribution. This Weight-Shape decomposition leads to new interpretations of established clustering algorithms. Furthermore, it suggests the construction of three different clustering schemes, which are based on gradient-ascent flow of replica points in feature space. Two of these are Quantum Clustering and the Mean-Shift algorithm. The third algorithm is based on maximal-entropy. In our terminology they become Maximal Shape Clustering, Maximal Probability Clustering and Maximal Weight Clustering, correspondingly. We demonstrate the different methods and compare them to each other on one artificial example and two natural data sets. We also apply the Weight-Shape decomposition to image analysis. The shape distribution acts as an edge detector. It serves to generate contours, as demonstrated on face images. Furthermore, it allows for defining a convolutional Shape Filter.

    URL: http://www.sciencedirect.com/science/article/pii/S0031320318301249

     

     

    Author: Faisal, Mustafa, Cardenas, Alvaro A and Wool, Avishai

    Year of Conference: 2016

    Title: Modeling Modbus TCP for intrusion detection

    Conference Name: Communications and Network Security (CNS), 2016 IEEE Conference

    Conference Location: Philadelphia, PA

    Publisher: IEEE

    Pages: 386-390

    Date: Oct. 17-19

    ISBN: 1509030654

    DOI: 10.1109/CNS.2016.7860524

    Keywords: computer network security

    deterministic automata

    Markov processes

    SCADA systems

    telecommunication channels

    transport protocols

    Modbus TCP modeling

    intrusion detection

    deterministic finite automata

    DFA

    DTMC

    discrete time Markov chain

    SCADA

    supervisory control and data acquisition system

    configuration-level specification

    specification-based approach

    Protocols

    Data models

    Conferences

    Communication channels

    Buildings

     

    Abstract: DFAs (Deterministic Finite Automata) and DTMCs (Discrete Time Markov Chain) have been proposed for modeling Modbus/TCP for intrusion detection in SCADA (Supervisory Control and Data Acquisition) systems. While these models can be used to learn the behavior of the system, they require the designer to know the appropriate amount of training data for building the model, to retrain models when configuration changes, and to generate understandable alert messages. In this paper, we propose to complement these learned models with the specification approaches. To build a robust model, we need to consider configuration-level specifications in addition to protocol specification. As Modbus/TCP is a simple protocol with handful function code(s) or commands for each communication channel, designing a specification-based approach is suitable for monitoring this communication. We do a comparison of DFA and DTMC approaches in two datasets and illustrate how to use our inferred specification to complement these models.

    URL: https://ieeexplore.ieee.org/abstract/document/7860524

     

     

    Author: Feder, Amir, Gandal, Neil, Hamrick, J. T. and Moore, Tyler

    Year: 2017

    Title: The impact of DDoS and other security shocks on Bitcoin currency exchanges: evidence from Mt. Gox

    Journal: Journal of Cybersecurity

    Volume: 3

    Issue: 2

    Pages: 137-144

    Start Page: 137

    ISSN: 2057-2085

    DOI: 10.1093/cybsec/tyx012

    Abstract: We investigate how distributed denial-of-service (DDoS) attacks and other disruptions affect the Bitcoin ecosystem. In particular, we investigate the impact of shocks on trading activity at the leading Mt. Gox exchange between April 2011 and November 2013. We find that following DDoS attacks on Mt. Gox, the number of large trades on the exchange fell sharply. In particular, the distribution of the daily trading volume becomes less skewed (fewer big trades) and had smaller kurtosis on days following DDoS attacks. The results are robust to alternative specifications, as well as to restricting the data to activity prior to March 2013, i.e., the period before the first large appreciation in the price of and attention paid to Bitcoin.

    URL: http://dx.doi.org/10.1093/cybsec/tyx012

     

     

    Author: Feibish, Shir Landau, Afek, Yehuda, Bremler-Barr, Anat, Cohen, Edith and Shagam, Michal

    Year of Conference: 2017

    Title: Mitigating DNS random subdomain DDoS attacks by distinct heavy hitters sketches

    Conference Name: Proceedings of the fifth ACM/IEEE Workshop on Hot Topics in Web Systems and Technologies

    Conference Location: San Jose, CA, USA

    Publisher: ACM

    Pages: 8

    ISBN: 1450355277

    URL: https://dl.acm.org/citation.cfm?id=3132474

    https://hotweb2017.github.io/program.html

     

     

    Author: Feldman, Yotam MY, Enea, Constantin, Morrison, Adam, Rinetzky, Noam and Shoham, Sharon

    Year: 2018

    Title: Order out of chaos: Proving linearizability using local views

    Periodical Title: arXiv preprint arXiv:1805.03992

    Abstract: Proving the linearizability of highly concurrent data structures, such as those using optimistic concurrency control, is a challenging task. The main difficulty is in reasoning about the view of the memory obtained by the threads, because as they execute, threads observe different fragments of memory from different points in time. Until today, every linearizability proof has tackled this challenge from scratch.

    We present a unifying proof argument for the correctness of unsynchronized traversals, and apply it to prove the linearizability of several highly concurrent search data structures, including an optimistic self-balancing binary search tree, the Lazy List and a lock-free skip list. Our framework harnesses {\em sequential reasoning} about the view of a thread, considering the thread as if it traverses the data structure without interference from other operations. Our key contribution is showing that properties of reachability along search paths can be deduced for concurrent traversals from such interference-free traversals, when certain intuitive conditions are met. Basing the correctness of traversals on such \emph{local view arguments} greatly simplifies linearizability proofs.

    To apply our framework, the user proves that the data structure satisfies two conditions: (1) acyclicity of the order on memory, even when it is considered across intermediate memory states, and (2) preservation of search paths to locations modified by interfering writes. Establishing the conditions, as well as the full linearizability proof utilizing our proof argument, reduces to simple concurrent reasoning. The result is a clear and comprehensible correctness proof, and elucidates common patterns underlying several existing data structures.

    URL: https://arxiv.org/abs/1805.03992

    http://www.cs.tau.ac.il/research/yotam.feldman/papers/disc18/disc18.pdf

     

     

    Author: Gandal, Neil, Hamrick, J. T., Moore, Tyler and Oberman, Tali

    Year: 2018

    Title: Price manipulation in the Bitcoin ecosystem

    Journal: Journal of Monetary Economics

    Volume: 95

    Pages: 86-96

    Start Page: 86

    Date: 2018/05/01/

    ISSN: 0304-3932

    DOI: https://doi.org/10.1016/j.jmoneco.2017.12.004

    Keywords: Bitcoin

    Cryptocurrencies

    Fraud

    Exchange rate manipulation

    Abstract: To its proponents, the cryptocurrency Bitcoin offers the potential to disrupt payment systems and traditional currencies. It has also been subject to security breaches and wild price fluctuations. This paper identifies and analyzes the impact of suspicious trading activity on the Mt. Gox Bitcoin currency exchange, in which approximately 600,000 bitcoins (BTC) valued at $188 million were fraudulently acquired. During both periods, the USD-BTC exchange rate rose by an average of four percent on days when suspicious trades took place, compared to a slight decline on days without suspicious activity. Based on rigorous analysis with extensive robustness checks, the paper demonstrates that the suspicious trading activity likely caused the unprecedented spike in the USD-BTC exchange rate in late 2013, when the rate jumped from around $150 to more than $1,000 in two months.

    URL: http://www.sciencedirect.com/science/article/pii/S0304393217301666

     

     

    Author: Geva, Hilah, Barzilay, Ohad and Oestreicher-Singer, Gal

    Year of Conference: 2017

    Title: A Potato Salad with a Lemon Twist: Using Supply-Side Shocks to Study the Impact of Low-Quality Actors on Crowdfunding Platforms

    Conference Name: ICIS 2017 38th International Conference on Information Systems

    Conference Location: Seoul, South Korea

    Publisher: Association for Information Systems (AIS)

    Date: December 10-13

    ISBN: 978-0-9966831-5-9

    Abstract: Crowdfunding platforms are open peer-to-peer two-sided markets that enable amateur entrepreneurs to raise money for their ventures. However, such markets are at risk of being flooded with low-quality offerings, a situation that might be detrimental to the success of higher-quality products. We empirically investigate the implications of such situations, referred to as “market of lemons”. We analyze a quasi-natural experiment- an exogenous media shock that occurred on Kickstarter.com. The shock was followed by a sharp increase in the number of campaigns, particularly low-quality ones. These unique conditions enable us to estimate how crowdfunding platforms are affected by the presence of an atypically large number of low quality campaigns, while controlling for temporal trends and seasonal effects. We use two novel identification strategies to show that market of lemons decreases the revenue of successful campaigns. However, campaign quality moderates this effect, such that the performance of the highest-quality campaigns is unaffected.

    Research Notes: The most prestigious gathering of information systems academics and research-oriented practitioners in the world

    URL: https://aisel.aisnet.org/icis2017/Peer-to-Peer/Presentations/3/

    http://archives.aisconferences.org/icis2017/wp-content/uploads/2017/12/ICIS2017_ProgramBook_1209.pdf

     

     

    Author: Geva, Tomer, Saar-Tsechansky, Maytal and Lustiger, Harel

    Year: 2019

    Title: More for less: adaptive labeling payments in online labor markets

    Journal: Data Mining and Knowledge Discovery

    Volume: 33

    Issue: 6

    Pages: 1625-1673

    Start Page: 1625

    Date: 2019/11/01

    ISSN: 1573-756X

    DOI: 10.1007/s10618-019-00637-z

    Abstract: In many predictive tasks where human intelligence is needed to label training instances, online crowdsourcing markets have emerged as promising platforms for large-scale, cost-effective labeling. However, these platforms also introduce significant challenges that must be addressed in order for these opportunities to materialize. In particular, it has been shown that different trade-offs between payment offered to labelers and the quality of labeling arise at different times, possibly as a result of different market conditions and even the nature of the tasks themselves. Because the underlying mechanism giving rise to different trade-offs is not well understood, for any given labeling task and at any given time, it is not known which labeling payments to offer in the market so as to produce accurate models cost-effectively. Importantly, because in these markets the acquired labels are not always correct, determining the expected effect of labels acquired at any given payment on the improvement in model performance is particularly challenging. Effective and robust methods for dealing with these challenges are essential to enable a growing reliance on these promising and increasingly popular labor markets for large-scale labeling. In this paper, we first present this new problem of Adaptive Labeling Payment (ALP): how to learn and sequentially adapt the payment offered to crowd labelers before they undertake a labeling task, so as to produce a given predictive performance cost-effectively. We then develop an ALP approach and discuss the key challenges it aims to address so as to yield consistently good performance. We evaluate our approach extensively over a wide variety of market conditions. Our results demonstrate that the ALP method we propose yields significant cost savings and robust performance across different settings. As such, our ALP approach can be used as a benchmark for future mechanisms to determine cost-effective selection of labeling payments.

    URL: https://doi.org/10.1007/s10618-019-00637-z

     

     

    Author: Grossman, Shelly , Abraham, Ittai , Golan-Gueta, Guy , Michalevsky, Yan , Rinetzky, Noam, Sagiv, Mooly and Zohar, Yoni

    Year of Conference: 2017

    Title: Online detection of effectively callback free objects with applications to smart contracts

    Conference Name: Symposium on Principles of Programming Languages

    Publisher: Proc. ACM Program. Lang.

    Volume: 2

    Issue: POPL

    Pages: 1-28

    Series Title: Proceedings of the ACM on Programming Languages

    ISBN: 2475-1421

    DOI: 10.1145/3158136

    Abstract: Callbacks are essential in many programming environments, but drastically complicate program understanding and reasoning because they allow to mutate object's local states by external objects in unexpected fashions, thus breaking modularity. The famous DAO bug in the cryptocurrency framework Ethereum, employed callbacks to steal $150M. We define the notion of Effectively Callback Free (ECF) objects in order to allow callbacks without preventing modular reasoning.

    An object is ECF in a given execution trace if there exists an equivalent execution trace without callbacks to this object. An object is ECF if it is ECF in every possible execution trace. We study the decidability of dynamically checking ECF in a given execution trace and statically checking if an object is ECF. We also show that dynamically checking ECF in Ethereum is feasible and can be done online. By running the history of all execution traces in Ethereum, we were able to verify that virtually all existing contract executions, excluding these of the DAO or of contracts with similar known vulnerabilities, are ECF. Finally, we show that ECF, whether it is verified dynamically or statically, enables modular reasoning about objects with encapsulated state.

    URL: https://dl.acm.org/citation.cfm?doid=3177123.3158136

    https://popl18.sigplan.org/event/popl-2018-papers-online-detection-of-effectively-callback-free-objects-with-applications-to-smart-contracts

     

     

    Author: Hadar, Irit, Hasson, Tomer, Ayalon, Oshrat, Toch, Eran, Birnhack, Michael, Sherman, Sofia and Balissa, Arod

    Year: 2018

    Title: Privacy by designers: software developers’ privacy mindset

    Journal: Empirical Software Engineering

    Volume: 23

    Issue: 1

    Pages: 259-289

    Start Page: 259

    Date: 2018/02/01

    ISSN: 1573-7616

    DOI: 10.1007/s10664-017-9517-1

    Abstract: Privacy by design (PbD) is a policy measure that guides software developers to apply inherent solutions to achieve better privacy protection. For PbD to be a viable option, it is important to understand developers’ perceptions, interpretation and practices as to informational privacy (or data protection). To this end, we conducted in-depth interviews with 27 developers from different domains, who practice software design. Grounded analysis of the data revealed an interplay between several different forces affecting the way in which developers handle privacy concerns. Borrowing the schema of Social Cognitive Theory (SCT), we classified and analyzed the cognitive, organizational and behavioral factors that play a role in developers’ privacy decision making. Our findings indicate that developers use the vocabulary of data security to approach privacy challenges, and that this vocabulary limits their perceptions of privacy mainly to third-party threats coming from outside of the organization; that organizational privacy climate is a powerful means for organizations to guide developers toward particular practices of privacy; and that software architectural patterns frame privacy solutions that are used throughout the development process, possibly explaining developers’ preference of policy-based solutions to architectural solutions. Further, we show, through the use of the SCT schema for framing the findings of this study, how a theoretical model of the factors that influence developers’ privacy practices can be conceptualized and used as a guide for future research toward effective implementation of PbD.

    URL: https://doi.org/10.1007/s10664-017-9517-1

     

     

    Author: Harel, Yaniv, Gal, Irad Ben and Elovici, Yuval

    Year: 2017

    Title: Cyber Security and the Role of Intelligent Systems in Addressing its Challenges

    Journal: ACM Transactions on Intelligent Systems and Technology (TIST)

    Volume: 8

    Issue: 4

    Pages: 1-12

    Start Page: 1

    Alternate Journal: Special Issue: Cyber Security and Regular Papers

    ISSN: 2157-6904

    DOI: 10.1145/3057729

    Legal Note: 3057729

    URL: https://dl.acm.org/citation.cfm?id=3057729

     

     

    Editor: Hatuka, Tali

    Year: 2018

    Title: העיר בעידן הדיגיטלי - תכנון, טכנולוגיה, פרטיות ואי־שוויון

    Publisher: אוני' תל אביב

    DOI: http://bit.ly/2TJYeUE

    Research Notes: מדריך מקיף שממפה, מבהיר ולבסוף מבקר את הזירה של 'הערים חכמות' בישראל. המדריך מבקש לבנות בסיס ידע, נגיש ופשוט בנושא למקבלי ההחלטות. מן המדריך עולות סוגיות רגישות בנוגע לתהליך קבלת ההחלטות, שימוש בתקציבים וחוסר סדר ארגוני ביישום וההטמעה של הדיגיטציה. המדריך שנכתב בעברית הופץ באופן דיגיטלי, נחשף ביום עיון ועותקים מודפסים נשלחים בימים אלו לראשי רשויות ושרים בממשלה.

    URL: http://lcud.tau.ac.il/wp-content/uploads/2018/11/%D7%94%D7%A2%D7%99%D7%A8-%D7%91%D7%A2%D7%99%D7%93%D7%9F-%D7%94%D7%93%D7%99%D7%92%D7%99%D7%98%D7%9C%D7%99-%D7%AA%D7%9B%D7%A0%D7%95%D7%9F-%D7%98%D7%9B%D7%A0%D7%95%D7%9C%D7%95%D7%92%D7%99%D7%94-%D7%A4%D7%A8%D7%98%D7%99%D7%95%D7%AA-%D7%95%D7%90%D7%99-%D7%A9%D7%95%D7%95%D7%99%D7%95%D7%9F.pdf

     

     

    Author: Hatuka, Tali, Rosen-Zvi, Issachar, Birnhack, Michael, Toch, Eran and Zur, Hadas

    Year: 2018

    Title: The Political Premises of Contemporary Urban Concepts: The Global City, the Sustainable City, the Resilient City, the Creative City, and the Smart City

    Journal: Planning Theory & Practice

    Volume: 19

    Issue: 2

    Pages: 160-179

    Date: 2018/03/15

    ISSN: 1464-9357

    DOI: 10.1080/14649357.2018.1455216

    Abstract: Numerous studies have focused on the global city, the sustainable city, the resilient city, the creative city, and the smart city, analyzing their politics, ideologies, and social implications. However, the literature lacks synthetic analysis that addresses these concepts by juxtaposing them and exploring their similarities and differences. This paper provides synthetic analysis, followed by a discussion of the concepts? competing and complementary logics of governance and citizenship. The concluding section addresses the importance of taking into account these diverse concepts as political ideas and discusses how these concepts become a prescriptive mix promoted by public officials and private developers.

    URL: https://doi.org/10.1080/14649357.2018.1455216

     

     

    Author: Hatuka, Tali and Zur, Hadas

    Year: 2019

    Title: Who is the ‘smart’ resident in the digital age? The varied profiles of users and non-users in the contemporary city

    Journal: Urban Studies

    Volume: 0

    Issue: 0

    Pages: 0042098019835690

    Start Page: 004209801983569

    ISSN: 0042-0980

    1360-063X

    DOI: 10.1177/0042098019835690

    Keywords: digital age,neighbourhoods,networks,technology,smart resident,smart cities

    Abstract: This paper is centred on the levels of participation in digital municipal platforms, and its goals are threefold: (1) to assess the normative aspirations and limitations of policy makers and key actors in the municipality with regard to the smart resident idea, with a focus on participation and privacy; (2) to assess and categorise levels of participation in varied social and geographic contexts in the city; and (3) to assess the possible link between participation and privacy practices among users. Empirically, this paper studies the practices of the inhabitants of Tel Aviv-Yafo City, with a focus on the use of digitised services provided by the municipality and the use of the celebrated project ‘Digi-Tel’ – a digital card that offers to the inhabitants of the city services, discounts, targeted information and benefits around the city. The assessment of the inhabitants’ practices is based on a survey that was conducted in four neighbourhoods with different socio-economic, ethnic and geographical characteristics. The survey is supplemented with interviews of prominent figures in the Tel Aviv-Yafo municipality to understand their views on participation and privacy. The paper concludes with a discussion of the varied profiles of the users and non-users of digital platforms in the city, revealing their complex approach to participation in the digital age.

    URL: https://journals.sagepub.com/doi/abs/10.1177/0042098019835690

     

     

    Author: Hirschprung, Ron, Toch, Eran, Schwartz-Chassidim, Hadas, Mendel, Tamir and Maimon, Oded

    Year: 2017

    Title: Analyzing and Optimizing Access Control Choice Architectures in Online Social Networks

    Journal: ACM Transactions on Intelligent Systems and Technology (TIST)

    Volume: 8

    Issue: 4

    Pages: 1-22

    Start Page: 1

    ISSN: 2157-6904

    DOI: 10.1145/3046676

    Legal Note: 3046676

    URL: https://doi.org/10.1145/3046676

     

     

    Author: Horn, David

    Year: 2018

    Title: Field Formulation of Parzen Data Analysis

    Journal: arXiv preprint arXiv:1808.08776

    Date: August

    URL: https://arxiv.org/abs/1808.08776

     

     

    Author: Hui, Kai-Lung, Kim, Seung Hyun and Wang, Qiu-Hong

    Year: 2017

    Title: Cybercrime deterrence and international legislation: evidence from distributed denial of service attacks

    Journal: Management Information Systems Quarterly

    Volume: 41

    Issue: 2

    Pages: 497–523

    Start Page: 497

    ISSN: 0276-7783

    DOI: 10.25300/misq/2017/41.2.08

    Keywords: convention on cybercrime, distributed denial of service attack, deterrence, legislation, law enforcement, cybercrime

    Abstract: In this paper, we estimate the impact of enforcing the Convention on Cybercrime (COC) on deterring distributed denial of service (DDOS) attacks. Our data set comprises a sample of real, random spoof-source DDOS attacks recorded in 106 countries in 177 days in the period 2004-2008. We find that enforcing the COC decreases DDOS attacks by at least 11.8 percent, but a similar deterrence effect does not exist if the enforcing countries make a reservation on international cooperation. We also find evidence of network and displacement effects in COC enforcement. Our findings imply attackers in cyberspace are rational, motivated by economic incentives, and strategic in choosing attack targets. We draw related implications.

    Research Notes: 858

    URL: https://doi.org/10.25300/MISQ/2017/41.2.08

     

     

    Author: Jarovsky, Ariel, Milo, Tova, Novgorodov, Slava and Tan, Wang-Chiew

    Year of Conference: 2018

    Title: Rule sharing for fraud detection via adaptation

    Conference Name: 2018 IEEE 34th International Conference on Data Engineering (ICDE)

    Publisher: IEEE

    Pages: 125-136

    ISBN: 1538655209

    URL: https://ieeexplore.ieee.org/abstract/document/8509242/

     

     

    Author: Jarovsky, Ariel, Milo, Tova, Novgorodov, Slava and Tan, Wang-Chiew

    Year: 2018

    Title: GOLDRUSH: rule sharing system for fraud detection

    Journal: Proceedings of the Very Large Database Endowment

    Volume: 11

    Issue: 12

    Pages: 1998-2001

    Start Page: 1998

    ISSN: 2150-8097

    DOI: 10.14778/3229863.3236244

    Legal Note: 3275581

    Abstract: Fraud detection rules, written by domain experts, are often employed by financial companies to enhance their machine learning-based mechanisms for accurate detection of fraudulent transactions. Accurate rule writing is a challenging task where domain experts spend significant effort and time. A key observation is that much of this difficulty originates from the fact that experts typically work as "lone rangers" or in isolated groups to define the rules, or work on detecting frauds in one context in isolation from frauds that occur in another context. However, in practice there is a lot of commonality in what different experts are trying to achieve.

     

    In this demo, we present the GOLDRUSH system, which facilitates knowledge sharing via effective adaptation of fraud detection rules from one context to another. GOLDRUSH abstracts the possible semantic interpretations of each of the conditions in the rules in one context and adapts them to the target context. Efficient algorithms are used to identify the most effective rule adaptations w.r.t a given cost-benefit metric. We showcase GOLDRUSH through a reenactment of a real-life fraud detection event. Our demonstration will engage the VLDB'18 audience, allowing them to play the role of experts collaborating in the fight against financial frauds.

    URL: https://doi.org/10.14778/3229863.3236244

     

     

    Author: Katz, Omer, Rinetzky, Noam and Yahav, Eran

    Year of Conference: 2018

    Title: Statistical Reconstruction of Class Hierarchies in Binaries

    Conference Name: ASPLOS '18 ACM International Conference on Architectural Support for Programming Languages and Operating Systems

    Conference Location: Williamsburg, VA, USA

    Publisher: ACM

    Pages: 363-376

    Date: March 24th - 28th

    Sponsor: ACM SIGPLAN, ACM SIGACT and ACM SIGLOG.

    ISBN: 9781450349116

    Proceedings Title: Proceedings of the 23rd ACM International Conference on Architectural Support for Programming Languages and Operating Systems

    URL: https://www.asplos2018.org/

     

     

    Author: Katz, Omer, Rinetzky, Noam and Yahav, Eran

    Year: 2018

    Title: Statistical Reconstruction of Class Hierarchies in Binaries

    Journal: ACM SIGPLAN Notices

    Volume: 53

    Issue: 2

    Pages: 363–376

    Start Page: 363

    ISSN: 0362-1340

    DOI: 10.1145/3296957.3173202

    Keywords: reverse engineering, x86, class hierarchies, static binary analysis

    Abstract: We address a fundamental problem in reverse engineering of object-oriented code: the reconstruction of a program's class hierarchy from its stripped binary. Existing approaches rely heavily on structural information that is not always available, e.g., calls to parent constructors. As a result, these approaches often leave gaps in the hierarchies they construct, or fail to construct them altogether. Our main insight is that behavioral information can be used to infer subclass/superclass relations, supplementing any missing structural information. Thus, we propose the first statistical approach for static reconstruction of class hierarchies based on behavioral similarity. We capture the behavior of each type using a statistical language model (SLM), define a metric for pairwise similarity between types based on the Kullback-Leibler divergence between their SLMs, and lift it to determine the most likely class hierarchy. We implemented our approach in a tool called ROCK and used it to automatically reconstruct the class hierarchies of several real-world stripped C++ binaries. Our results demonstrate that ROCK obtained significantly more accurate class hierarchies than those obtained using structural analysis alone.

    URL: https://doi.org/10.1145/3296957.3173202

     

     

    Author: Khyzha, Artem, Attiya, Hagit, Gotsman, Alexey and Rinetzky, Noam

    Year of Conference: 2018

    Title: Safe privatization in transactional memory

    Conference Name: PPoPP '18 Principles and Practice of Parallel Programming Principles and Practice of Parallel Programming 2018:  23nd ACM SIGPLAN Symposium on Principles and Practice of Parallel Programming

    Conference Location: Vienna, Austria

    Volume: 53

    Issue: 1

    Pages: 233-245

    Series Editor: Machinery, Association for Computing

    Date: February 24 - 28, 2018

    Sponsor: SIGPLAN, SIGHPC

    ISBN: 145034982X

    978-1-4503-4982-6

    Place Published: New York NY United States

    Proceedings Title: Proceedings of the 23rd ACM SIGPLAN Symposium on Principles and Practice of Parallel Programming

    Abstract: Transactional memory (TM) facilitates the development of concurrent applications by letting the programmer designate certain code blocks as atomic. Programmers using a TM often would like to access the same data both inside and outside transactions, e.g., to improve performance or to support legacy code. In this case, programmers would ideally like the TM to guarantee strong atomicity, where transactions can be viewed as executing atomically also with respect to non-transactional accesses. Since guaranteeing strong atomicity for arbitrary programs is prohibitively expensive, researchers have suggested guaranteeing it only for certain data-race free (DRF) programs, particularly those that follow the privatization idiom: from some point on, threads agree that a given object can be accessed non-transactionally. Supporting privatization safely in a TM is nontrivial, because this often requires correctly inserting transactional fences, which wait until all active transactions complete.

     

    Unfortunately, there is currently no consensus on a single definition of transactional DRF, in particular, because no existing notion of DRF takes into account transactional fences. In this paper we propose such a notion and prove that, if a TM satisfies a certain condition generalizing opacity and a program using it is DRF assuming strong atomicity, then the program indeed has strongly atomic semantics. We show that our DRF notion allows the programmer to use privatization idioms. We also propose a method for proving our generalization of opacity and apply it to the TL2 TM.

    URL: https://dl.acm.org/citation.cfm?id=3178505

    https://arxiv.org/abs/1801.04249

     

     

     

    Author: Kleinmann, Amit and Wool, Avishai

    Year of Conference: 2015

    Title: A statechart-based anomaly detection model for multi-threaded SCADA systems

    Conference Name: International Conference on Critical Information Infrastructures Security

    Publisher: Springer

    Pages: 132-144

    URL: https://link.springer.com/chapter/10.1007/978-3-319-33331-1_11

     

     

    Author: Kleinmann, Amit and Wool, Avishai

    Year of Conference: 2017

    Title: Automatic Construction of Statechart-Based Anomaly Detection Models for Multi-Threaded Industrial Control Systems

    Conference Name: ACM Transactions on Intelligent Systems and Technology (TIST)

    Volume: 8

    Issue: 4

    Pages: 1-21

    ISBN: 2157-6904

    DOI: 10.1145/3011018

    Place Published: 3011018

    Proceedings Title: Proceedings of the 2nd ACM Workshop on Cyber-Physical Systems Security and Privacy

    URL: https://dl.acm.org/citation.cfm?id=3011018

     

     

    Author: Levin, Avner

    Year: 2018

    Title: Privacy by Design by Regulation: The Case Study of Ontario

    Journal: Canadian Journal of Comparative and Contemporary Law

    Volume: 4

    Pages: 115

    URL: http://www.cjccl.ca/wp-content/uploads/2018/08/Levin-Privacy-by-Design-by-Regulation.pdf

     

     

    Author: Levy, Dor and Wolf, Lior

    Year: 2017

    Title: Learning to Align the Source Code to the Compiled Object Code

    Editor: Doina, Precup and Yee Whye, Teh

    Conference Name: Proceedings of the 34th International Conference on Machine Learning

    Conference Location: Proceedings of Machine Learning Research

    Publisher: PMLR

    Volume: 70

    Pages: 2043--2051

    Label: pmlr-v70-levy17a

    Abstract: We propose a new neural network architecture and use it for the task of statement-by-statement alignment of source code and its compiled object code. Our architecture learns the alignment between the two sequences – one being the translation of the other – by mapping each statement to a context-dependent representation vector and aligning such vectors using a grid of the two sequence domains. Our experiments include short C functions, both artificial and human-written, and show that our neural network architecture is able to predict the alignment with high accuracy, outperforming known baselines. We also demonstrate that our model is general and can learn to solve graph problems such as the Traveling Salesman Problem.

    URL: http://proceedings.mlr.press

     

     

    Author: Lupovici, Amir

    Year: 2014

    Title: The Attribution Problem and the Social Construction of Violence: Taking Cyber Deterrence Literature a Step Forward

    Journal: International Studies Perspectives

    Volume: 17

    Issue: 3

    Pages: 322–342

    ISSN: 15283577

    DOI: https://doi.org/10.1111/insp.12082

    URL: https://academic.oup.com/isp/article/17/3/322/2684522  

     

     

    Author: Lupovici, Amir

    Year: 2019

    Title: Toward a Securitization Theory of Deterrence

    Journal: International Studies Quarterly

    Volume: 63

    Issue: 1

    Pages: 177-186

    Start Page: 177

    Epub Date: December 2018

    Date: March

    ISSN: 0020-8833

    DOI: https://doi.org/10.1093/isq/sqy045

    Abstract: This note incorporates securitization scholarship into the study of deterrence. I argue that deterrence is a securitizing move, and it is embedded in and affected by a broader assemblage of securitizing moves performed by different actors. These include the deterrer, the putative challenger, and various third parties. Linking deterrence theory and securitization theory opens up promising directions for theory and research. Among other things, it provides a way for interpretative scholars to engage with debates within traditional deterrence scholarship—such as those regarding deterrence success, deterrence credibility, and the effects of the use of force on these dynamics. It also highlights often-overlooked issues in the study of deterrence. These include processes through which actors come to adopt this strategy. It also includes processes through which the threat to deterrence itself becomes a powerful political tool for mobilizing support to different strategic moves.

    URL: https://doi.org/10.1093/isq/sqy045

     

     

    Author: Maltinsky, Alex, Giladi, Ran and Shavitt, Yuval

    Year: 2017

    Title: On Network Neutrality Measurements

    Journal: ACM Transactions on Intelligent Systems and Technology (TIST)

    Volume: 8

    Issue: 4

    Pages: 1-22

    Start Page: 1

    Alternate Journal: Special Issue: Cyber Security and Regular Papers

    ISSN: 2157-6904

    DOI: 10.1145/3040966

    Legal Note: 3040966

    URL: https://dl.acm.org/citation.cfm?id=3040966

     

     

    Author: Mendel, Tamir

    Year: 2019

    Title: Social help: developing methods to support older adults in mobile privacy and security

    Conference Name: Adjunct Proceedings of the 2019 ACM International Joint Conference on Pervasive and Ubiquitous Computing and Proceedings of the 2019 ACM International Symposium on Wearable Computers

    Conference Location: London, United Kingdom

    Publisher: Association for Computing Machinery

    Pages: 383–387

    DOI: 10.1145/3341162.3349311

    Keywords: help, mobile computing, older adults, assistance, security and privacy, smartphones, support

    URL: https://doi.org/10.1145/3341162.3349311

     

     

    Author: Mendel, Tamir and Toch, Eran

    Year: 2019

    Title: My Mom was Getting this Popup: Understanding Motivations and Processes in Helping Older Relatives with Mobile Security and Privacy

    Journal: Proc. ACM Interact. Mob. Wearable Ubiquitous Technol.

    Volume: 3

    Issue: 4

    Pages: Article 147

    Start Page: 1

    ISSN: 2474-9567

    2474-9567

    DOI: 10.1145/3369821

    Keywords: Assistance, Security and privacy, Smartphones, Older adults, Support, Mobile computing, Help

    Abstract: Security and privacy pose a serious barrier to the use of mobile technology by older adults. While support from family and friends is known to be an effective enabler in older adults' technology adoption, we know very little about the family members' motivations for providing help, the context, and the process in which they provide it. To bridge this gap, we have conducted a mixed method study, qualitatively analyzing the helpers' assistance stories and quantitatively estimating the factors that affect helpers' willingness to offer assistance to older relatives regarding mobile security and privacy problems. Our findings point to the potential for helping older relatives, i.e., people are more willing to help and guide them than other social groups. Furthermore, we show that familiarity with an older relative's preferences is essential in providing meaningful support. We discuss our findings in the context of developing a theory of collective efficacy for security and privacy and new collaborative technologies that can reduce the barriers to social help.

    URL: https://doi.org/10.1145/3369821

     

     

    Author: Meyer, Joachim

    Year: 2017

    Title: Evaluating alerting systems from descriptions

    Journal: Proceedings of the Human Factors and Ergonomics Society Annual Meeting

    Volume: 61

    Issue: 1

    Pages: 307-307

    Start Page: 307

    ISSN: 1541-9312

    DOI: 10.1177/1541931213601557

    Abstract: Decisions in almost all domains of life receive support from automation in the form of alerts, binary cues, recommendations, etc. People often use automation or decision aids without having experience with the system, because the system may be new or because they rarely use it. When such experience is unavailable, people will base their use of the system on information they may have received about it and on descriptions, often given as probabilities or proportions. Examples are the sensitivity and specificity of a diagnostic procedure in medicine or the True Positive and False Positive rates of a detector. People use these descriptions to decide to what extent they can rely on the information. So far, it is unclear which aspects of the information about a system determine people’s evaluation of the system from a description. These evaluations will determine the trust they put in the indications from the system and the adjustment of system properties, such as thresholds. To gain some insights into this issue, we conducted an experiment. We developed descriptions of 12 systems in a quality control setting, in which participants had to detect faulty items in a production process. We used Signal Detection Theory (Green & Swets, 1966) to determine the system properties. The systems differed in d’ (1.5 or 2.5), the threshold setting lnβ (-1, 0 or 1) and the prior probability for a signal pS (.05 or .2). Half of the participants saw diagnostic values, receiving descriptions in terms of the probabilities of Hit and False Alarms, while the other half saw descriptions as predictive values, receiving the Positive Predictive Value (PPV) and the Negative Predictive Value (NPV) of each system. In the past, we have shown that people adjust system thresholds better when they see predictive values (Botzer, Meyer, Bak, & Parmet, 2010). Fifty-six students evaluated the systems in a classroom setting on a scale between 0 (completely useless) and 10 (perfect). In addition to the d’ and lnβ, which we specified when we designed the systems, we also computed for each system the Probability of Correct Indication (pCorrect), the Expected Value (given the costs and benefits in the description), and the transmitted information according to Information Theory. We analyzed the results with multivariate analyses of variance and by computing the correlations between the evaluations and system properties. The results showed that participants’ responses were mainly correlated with d’. The effects of the threshold setting lnβ and of pS were small, compared to the effects of d’. The correlations with the Expected Value and the transmitted information were smaller and could be explained through d’. Thus, people evaluated a system in terms of its ability to differentiate between signal and noise. They did not evaluate the system according to the economic value it provided or the transmitted information. In addition, participants evaluated systems with different thresholds (lnβ) similarly. This means that in our experiment participants did not differentiate between more and less appropriate threshold settings. The ability to identify better or worse settings is important, because these settings are often the main system parameter users can adjust. These findings, in addition to the inherent problems that already exist in user adjustments of systems (Meyer & Sheridan, 2017), make it unlikely that people can adjust system settings correctly.

    URL: http://journals.sagepub.com/doi/abs/10.1177/1541931213601557

     

     

    Author: Milo, Tova, Novgorodov, Slava and Tan, Wang-Chiew

    Year: 2016

    Title: Rudolf: interactive rule refinement system for fraud detection

    Journal: Proceedings of the  Very Large Database Endowment

    Volume: 9

    Issue: 13

    Pages: 1465-1468

    Start Page: 1465

    ISSN: 2150-8097

    DOI: 10.14778/3007263.3007285

    Legal Note: 3007285

    URL: http://www.vldb.org/pvldb/vol9/p1465-milo.pdf

     

     

    Author: Mukherjee, Suvam, Padon, Oded, Shoham, Sharon, D’Souza, Deepak and Rinetzky, Noam

    Year of Conference: 2017

    Title: Thread-local semantics and its efficient sequential abstractions for race-free programs

    Conference Name: 24th International Symposium on Static Analysis

    Publisher: Springer

    Pages: 253-276

    DOI: http://dx.doi.org/10.1007/978-3-319-66706-5_13

    Notes: Lecture Notes in Computer Science book series (LNCS, volume 10422)

    Programming and Software Engineering book sub series (LNPSE, volume 10422)

    URL: https://www.cs.tau.ac.il/~maon/pubs/2017-sas.pdf

    https://link.springer.com/chapter/10.1007/978-3-319-66706-5_13

     

     

     

    Author: Naor, Moni, Pinkas, Benny and Ronen, Eyal

    Year of Conference: 2019

    Title: How to (not) Share a Password: Privacy Preserving Protocols for Finding Heavy Hitters with Adversarial Behavior

    Conference Name: 2019 ACM SIGSAC Conference on Computer and Communications Security

    Conference Location: London, United Kingdom

    Publisher: Association for Computing Machinery

    Pages: 1369–1386

    Series Title: Lecture Notes in Computer Science book series (LNCS, volume 10821)

    Date: November

    Sponsor: SIGSAC

    ISBN: 978-1-4503-6747-9

    DOI: 10.1145/3319535.3363204

    Proceedings Title: Proceedings of the

    Keywords: passwords, heavy hitters, secure computation, differential privacy, malicious model

    Abstract: Bad choices of passwords were and are a pervasive problem. Users choosing weak passwords do not only compromise themselves, but the whole ecosystem. E.g, common and default passwords in IoT devices were exploited by hackers to create botnets and mount severe attacks on large Internet services, such as the Mirai botnet DDoS attack. We present a method to help protect the Internet from such large scale attacks. Our method enables a server to identify popular passwords (heavy hitters), and publish a list of over-popular passwords that must be avoided. This filter ensures that no single password can be used to compromise a large percentage of the users. The list is dynamic and can be changed as new users are added or when current users change their passwords. We apply maliciously secure two-party computation and differential privacy to protect the users' password privacy. Our solution does not require extra hardware or cost, and is transparent to the user. Our private heavy hitters construction is secure even against a malicious coalition of devices which tries to manipulate the protocol to hide the popularity of some password that the attacker is exploiting. It also ensures differential privacy under continual observation of the blacklist as it changes over time. As a reality check we conducted three tests: computed the guarantees that the system provides wrt a few publicly available databases, ran full simulations on those databases, and implemented and analyzed a proof-of-concept on an IoT device. Our construction can also be used in other settings to privately learn heavy hitters in the presence of an active malicious adversary. E.g., learning the most popular sites accessed by the Tor network.

    URL: https://doi.org/10.1145/3319535.3363204

     

     

    Author: Pundak, Chen, Steinhart, Yael and Goldenberg, Jacob

    Year: 2018

    Title: The Viciousness and Caring of Sharing: Morality and Motivations of Online Shamers

    Journal: ACR European Advances

    URL: http://www.acrwebsite.org/volumes/v11e/eacr_v11_1700220.pdf

     

     

     

    Author: Raban, Yoel and Hauptman, Aharon

    Year: 2018

    Title: Foresight of cyber security threat drivers and affecting technologies

    Journal: Foresight

    Volume: 20

    Issue: 4

    Pages: 353-363

    Start Page: 353

    ISSN: 1463-6689

    DOI: 10.1108/FS-02-2018-0020

    Abstract: Purpose The cyber security industry emerged rapidly in recent years due to mounting cyber threats and increasing cyber hacking activities. Research on emerging technologies emphasizes the risks and sometimes neglects to address the potential positive contribution to cyber security. The purpose of this study is to conduct a relatively balanced long-term foresight study to elicit major significant threat drivers and to identify emerging technologies that are likely to have a significant impact on defense and attack capabilities in cyber security. Design/methodology/approach The main instruments used in this study were horizon scanning and an online survey among subject-matter experts that assessed emerging threats and the potential impact of several emerging technologies on cyber defense capabilities and cyber attack capabilities. Findings An expert survey shows that cyber resilience, homomorphic encryption and blockchain may be considered as technologies contributing mainly to defense capabilities. On the other hand, Internet of Things, biohacking and human machine interface (HMI) and autonomous technologies add mainly to attack capabilities. In the middle, we find autonomous technologies, quantum computing and artificial intelligence that contribute to defense, as well as to attack capabilities, with roughly similar impact on both. Originality/value This study adds to the current research a balanced long-term view and experts? assessment of negative and positive impacts of emerging technologies, including their time to maturity and consensus levels. Two new Likert scale measures were applied to measure the potential impact of emerging technologies on cyber security, thus enabling the classification of the results into four groups (net positive, net negative, positive-positive and negative-negative).

    URL: https://doi.org/10.1108/FS-02-2018-0020

     

     

    Author: Rochman, Yuval, Levy, Hanoch and Brosh, Eli

    Year: 2014

    Title: Efficient resource placement in cloud computing and network applications

    Journal: ACM SIGMETRICS Performance Evaluation Review

    Volume: 42

    Issue: 2

    Pages: 49-51

    Start Page: 49

    ISSN: 0163-5999

    DOI: https://doi.org/10.1145/2667522.2667538

    URL: https://doi.org/10.1145/2667522.2667538

     

     

    Author: Rochman, Yuval, Levy, Hanoch and Brosh, Eli

    Year: 2017

    Title: Dynamic placement of resources in cloud computing and network applications

    Journal: Performance Evaluation

    Volume: 115

    Pages: 1-37

    Start Page: 1

    Date: 2017/10/01/

    ISSN: 0166-5316

    DOI: https://doi.org/10.1016/j.peva.2017.06.003

    Keywords: Resource-placement

    Stochastic

    Distributed-cloud

    Graph algorithms

    Abstract: We address the problem of dynamic resource placement in general networking and cloud computing applications. We consider a large-scale system faced by time varying and regionally distributed demands for various resources. The system operator aims at placing the resources across regions to maximize revenues, and thus needs to address the problem of how to dynamically reposition the resources in reaction to the time varying demand. The challenge posed by this setting is to deal with arbitrary multi-dimensional stochastic demands which vary over time. Under such settings one should provide a tradeoff between optimizing the resource placement as to meet its demand, and minimizing the number of added and removed resources to the placement. Our analysis and simulations reveal that optimizing the resource placement may inflict huge resource repositioning costs, even if the demand has small fluctuations. We therefore propose an algorithmic framework that overcomes this difficulty and yields very efficient dynamic placements with bounded repositioning costs. Our solution is developed under a very wide cost model, and thus allows accommodation of many systems. Our solutions are based on new analytic techniques utilizing graph theory methodologies that can be applied to other optimization/combinatorial problems.

    URL: http://www.sciencedirect.com/science/article/pii/S0166531616302188

     

     

    Title: Computer science for non-technological cyber programs

    Conference Name: FIE 2014 IEEE Frontiers in Education Conference: Opening Innovations and Internationalization in Engineering Education

    Conference Location: Madrid, Spain, Melia Castilla Hotel & Convention Center

    Publisher: IEEE

    Pages: 1-8

    Date: October 22-25

    Notes: 2014 IEEE Frontiers in Education Conference :

    Research Notes: 873

    URL: http://ieeexplore.ieee.org/servlet/opac?punumber=7017968

     

     

    Author: Schuster, Roei, Shmatikov, Vitaly and Tromer, Eran

    Year of Conference: 2017

    Title: Beauty and the burst: Remote identification of encrypted video streams

    Conference Name: USENIX Security

    URL: https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-schuster.pdf

     

     

    Author: Shapira, Tal and Shavitt, Yuval

    Year of Conference: 2019

    Title: FlowPic: Encrypted Internet Traffic Classification is as Easy as Image Recognition

    Conference Name: IEEE INFOCOM 2019-IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)

    Publisher: IEEE

    Pages: 680-687

    ISBN: 1728118786

     

     

    Author: Shome, Rahul, Solovey, Kiril, Dobson, Andrew, Halperin, Dan and Bekris, Kostas E.

    Year: 2019

    Title: dRRT*: Scalable and Informed Asymptotically-Optimal Multi-Robot Motion Planning

    Conference Name: CoRR European conference on Computational Geometry

    Volume: abs/1903.00994

    Date: /

    URL: http://arxiv.org/abs/1903.00994

     

     

    Author: Shome, Rahul, Solovey, Kiril, Dobson, Andrew, Halperin, Dan and Bekris, Kostas E.

    Year: 2019

    Title: dRRT*: Scalable and informed asymptotically-optimal multi-robot motion planning

    Journal: Autonomous Robots

    Volume: 44

    Issue: Special Issue on Multi-Robot and Multi-Agent Systems

    Pages: 443-467

    Start Page: 443

    Date: 2019/01/24

    ISSN: 1573-7527

    DOI: 10.1007/s10514-019-09832-9

    Abstract: Many exciting robotic applications require multiple robots with many degrees of freedom, such as manipulators, to coordinate their motion in a shared workspace. Discovering high-quality paths in such scenarios can be achieved, in principle, by exploring the composite space of all robots. Sampling-based planners do so by building a roadmap or a tree data structure in the corresponding configuration space and can achieve asymptotic optimality. The hardness of motion planning, however, renders the explicit construction of such structures in the composite space of multiple robots impractical. This work proposes a scalable solution for such coupled multi-robot problems, which provides desirable path-quality guarantees and is also computationally efficient. In particular, the proposed $$\mathtt{dRRT^*}$$dRRT∗is an informed, asymptotically-optimal extension of a prior sampling-based multi-robot motion planner, $$\mathtt{dRRT}$$dRRT. The prior approach introduced the idea of building roadmaps for each robot and implicitly searching the tensor product of these structures in the composite space. This work identifies the conditions for convergence to optimal paths in multi-robot problems, which the prior method was not achieving. Building on this analysis, $$\mathtt{dRRT}$$dRRTis first properly adapted so as to achieve the theoretical guarantees and then further extended so as to make use of effective heuristics when searching the composite space of all robots. The case where the various robots share some degrees of freedom is also studied. Evaluation in simulation indicates that the new algorithm, $$\mathtt{dRRT^*}$$dRRT∗  converges to high-quality paths quickly and scales to a higher number of robots where various alternatives fail. This work also demonstrates the planner’s capability to solve problems involving multiple real-world robotic arms.

    URL: https://doi.org/10.1007/s10514-019-09832-9

     

     

     

    Author: Silverman, Gahl and Sommer, Udi

    Year: 2019

    Title: Prevalent Sentiments of the Concept of Jihad in the Public Commentsphere

    Journal: Studies in Conflict & Terrorism

    Pages: 1-29

    Start Page: 1

    ISSN: 1057-610X

    DOI: 10.1080/1057610X.2019.1686854

    Abstract: Certain studies of social conflicts and geopolitical processes through online social networks entail qualitative analysis. One such issue is the tension between Western and Muslim societies. We introduce computer-assisted qualitative sentiment analysis for the inquiry and extraction of varied sentiments. The analysis explores the prevalent meanings of the term jihad through discussions of Muslims and non-Muslims in the online public sphere. After examining 4,630 Facebook comments and replies, our examination leads to a holistic mapping that details peaceful, moderate, and radical opinions regarding jihad, which is an integral institution of the Muslim world. Through this method, we suggest a Muslim/non-Muslim tension indicator, which can be used in a range of political analyses.

    URL: https://doi.org/10.1080/1057610X.2019.1686854

     

     

    Author: Sternberg, Nurit, Luria, Roy, Chandhok, Susannah, Vickers, Brian, Kross, Ethan and Sheppes, Gal

    Year: 2020

    Title: When Facebook and finals collide - procrastinatory social media usage predicts enhanced anxiety☆

    Journal: Computers in Human Behavior

    Volume: 109

    Pages: 106358

    Start Page: 106358

    Date: 2020/08/01/

    ISSN: 0747-5632

    DOI: https://doi.org/10.1016/j.chb.2020.106358

    Keywords: Social networks

    Anxiety

    Self-control

    Procrastination

    Facebook

    Abstract: In the digital age we live in, refraining from procrastinatory social media usage, particularly when conflicting with highly valued goal pursuit, can result in failure and subsequent negative psychological outcomes. Despite mounting interest, existing evidence remains correlational and restricted to mundane contexts. To fill these gaps the current two study investigation provides converging ecological and causal evidence for the influence of procrastinatory social media usage on subsequent anxiety. Study 1 used longitudinal unobtrusive measurement of actual procrastinatory Facebook usage (using designated software) together with experience-sampling, during real-life academic exam preparation period. Findings showed that enhanced procrastinatory Facebook usage predicted increased levels of anxiety over time. Further evidence provided inferences regarding the likely ordering of this association, by ruling out a reversed directionality between anxiety and subsequent Facebook usage. Providing direct causal evidence, Study 2 created a laboratory exam context conceived as highly predictive of academic success, that directly manipulated whether actual Facebook usage was procrastinatory or not, prior to examining its influence on anxiety. Supporting predictions, only when Facebook was used instead of studying, it resulted in enhanced anxiety. The present investigation illuminates when and why social media usage leads to adverse psychological consequences.

    URL: http://www.sciencedirect.com/science/article/pii/S0747563220301114

     

     

    Author: Sternberg, Nurit, Luria, Roy and Sheppes, Gal

    Year: 2018

    Title: For whom is social-network usage associated with anxiety? The moderating role of neural working-memory filtering of Facebook information

    Journal: Cognitive, Affective, & Behavioral Neuroscience

    Volume: 18

    Issue: 6

    Pages: 1145-1158

    Epub Date: 2018/08/11

    Date: 2018/12/01

    ISSN: 1531-135X

    DOI: 10.3758/s13415-018-0627-z

    Accession Number: 30094562

    Keywords: Adult

    Anxiety/*physiopathology/psychology

    Brain/*physiopathology

    Electroencephalography

    Female

    Humans

    Male

    Memory, Short-Term/*physiology

    Mental Health

    *Social Media

    *Social Networking

    Students

    Young Adult

    *Anxiety

    *eeg

    *Facebook

    *Filtering

    *Online social networks

    *Working memory

    Abstract: Is Facebook usage bad for mental health? Existing studies provide mixed results, and direct evidence for neural underlying moderators is lacking. We suggest that being able to filter social-network information from accessing working memory is essential to preserve limited cognitive resources to pursue relevant goals. Accordingly, among individuals with impaired neural social-network filtering ability, enhanced social-network usage would be associated with negative mental health. Specifically, participants performed a novel electrophysiological paradigm that isolates neural Facebook filtering ability. Participants’ actual Facebook behavior and anxious symptomatology were assessed. Confirming evidence showed that enhanced Facebook usage was associated with anxious symptoms among individuals with impaired neural Facebook filtering ability. Although less robust and tentative, additional suggestive evidence indicated that this specific Facebook filtering impairment was not better explained by a general filtering deficit. These results involving a neural social-network filtering moderator, may help understand for whom increased online social-network usage is associated with negative mental health.

    URL: https://doi.org/10.3758/s13415-018-0627-z

     

     

    Author: Tabansky, Lior

    Year of Conference: 2016

    Title: Towards a Theory of Cyber Power: The Israeli Experience with Innovation and Strategy

    Conference Name: 8th International Conference on Cyber Conflict (CyCon)

    Conference Location: Tallinn, Estonia

    Publisher: IEEE & NATO CCDCOE

    Pages: 51-63

    DOI: 10.1109/CYCON.2016.7529426

    Place Published: Tallinn, Estonia

    Year Published: 2016

    Proceedings Title: Cyber Power

    URL: https://ccdcoe.org/sites/default/files/multimedia/pdf/Art%2004%20Towards%20a%20Theory%20of%20Cyber%20Power%20-%20the%20Israeli%20Experience%20with%20Innovation%20and%20Strategy.pdf

    https://ieeexplore.ieee.org/document/7529426?arnumber=7529426

     

     

    Author: Tabansky, Lior

    Year: 2017

    Title: Cybered Influence Operations: towards a scientific research agenda

    Journal: Security Policy Library - The Norwegian Atlantic Comittee

    Volume: 2017

    Issue: 2

    Pages: 36

    Date: December

    ISSN: 0802-6602

    URL: http://www.atlanterhavskomiteen.no/nettsider/dnak/publikasjoner/sikkerhetspolitisk-bibliotek h

     

     

    Author: Tabansky, Lior

    Year: 2018

    Title: Sticking to their Guns: The Missing RMA for Cybersecurity

    Journal: Military Cyber Affairs

    Volume: 3

    Issue: 2

    Pages: 23

    Date: June

    Alternate Journal: The Journal of the Military Cyber Professionals Association

    ISSN: 2378-0789

    DOI: https://doi.org/10.5038/2378-0789.3.1.1039

    Abstract: Why has cybered conflict disrupted the security of the most developed nations? A foreign adversary contemplating an attack on a developed nation's heartland certainly faces multiple state-run military-grade lines of defense on land, sea and air. A foreign adversary launching a direct cyber-attack on a non-military homeland target will meet none. Armed forces do not shield a society from cyber-attacks originated by foreign adversaries, no longer provide a buffer between the enemy and homeland, nor can they identify the attacker after an attack occurred.

    Adversaries succeed in waging cybered conflict against the U.S. and its allies. Having repeatedly inflicted economic and social harm while evading retaliation, adversaries become brazen. To prevail in cybered conflict, we need to return to the very foundations of our defense.

    However, profound defense adaptation is especially problematic for dominant militaries. To develop my argument, I turn to analyze a Stuxnet-like scenario using the Revolution in ‎Military Affairs (RMA) concept of Security Studies and the paradigm shift concept of philosophy of science. Security Studies theory, philosophy of science and empirical evidence all suggest that profound defense adaptation demands pressure from outside the expert organization. I argue that Security Studies theory and empirical evidence, including Israel’s defense adaptation following short-range rocket threat, suggest that civilian outsiders coalescing with military partners can successfully drive defense adaptation.

    To secure the Western world order, the U.S. and its allies need to rearrange their security forces, leveraging the experience accumulated through centuries.

    URL: http://scholarcommons.usf.edu/mca/vol3/iss1/3      

     

     

    Author: Tabansky, Lior and Ben Israel, Isaac

    Year: 2015

    Title: Geopolitics and Israeli Strategy

    Book Title: Cybersecurity in Israel

    Publisher: Springer International Publishing

    Pages: 9-14

    Chapter: 2

    Series Title: SpringerBriefs in Cybersecurity

    ISBN: 978-3-319-18985-7

    DOI: 10.1007/978-3-319-18986-4_2

    Keywords: National security concept

    Grand strategy

    Cybersecurity

    Arab-Israeli conflict

    ‘Iron Wall’

    Quality

    Qualitative superiority

    URL: http://dx.doi.org/10.1007/978-3-319-18986-4_2

    Language: English

     

     

    Author: Tabansky, Lior and Ben Israel, Isaac

    Year: 2015

    Title: The National Innovation Ecosystem of Israel

    Book Title: Cybersecurity in Israel

    Publisher: Springer International Publishing

    Pages: 15-30

    Chapter: 3

    Series Title: SpringerBriefs in Cybersecurity

    ISBN: 978-3-319-18985-7

    DOI: 10.1007/978-3-319-18986-4_3

    Keywords: Innovation

    Ecosystem

    Science

    R&D policy

    Tel Aviv University

    IDF

    R&D expenditure

    GERD

    BERD

    H2020

    FP7

    Office of the Chief Scientist OCS

    Maf’at

    Talpiot

    Atuda

    Yozma

    Venture Capital

    CyberSpark

    CyberGym

    URL: http://dx.doi.org/10.1007/978-3-319-18986-4_3

     

     

    Author: Tabansky, Lior and Ben Israel, Isaac

    Year: 2015

    Title: Mid-1990s: The Prequel for National Cybersecurity Policy

    Book Title: Cybersecurity in Israel

    Publisher: Springer International Publishing

    Pages: 31-34

    Chapter: 4

    Series Title: SpringerBriefs in Cybersecurity

    ISBN: 978-3-319-18985-7

    DOI: 10.1007/978-3-319-18986-4_4

    Keywords: Disruption

    Information assurance

    Critical infrastructure

    e-Government

    Tehila

    Distributed denial-of-service attack (DDoS)

    URL: http://dx.doi.org/10.1007/978-3-319-18986-4_4

     

    Author: Tabansky, Lior and Ben Israel, Isaac

    Year: 2015

    Title: The Israeli National Cybersecurity Policy Focuses on Critical Infrastructure Protection (CIP)

    Book Title: Cybersecurity in Israel

    Publisher: Springer International Publishing

    Pages: 35-41

    Chapter: 5

    Series Title: SpringerBriefs in Cybersecurity

    ISBN: 978-3-319-18985-7

    DOI: 10.1007/978-3-319-18986-4_5

    Keywords: Cybersecurity

    Critical infrastructure

    Critical infrastructure protection (CIP)

    Regulation

    B/84

    National Information Security Authority (NISA)

    Re’em

    ISA

    Shabak

    Tel Aviv Stock Exchange (TASE)

    URL: http://dx.doi.org/10.1007/978-3-319-18986-4_5

     

     

    Author: Tabansky, Lior and Ben Israel, Isaac

    Year: 2015

    Title: Seeking Cyberpower: The National Cyber Initiative, 2010

    Book Title: Cybersecurity in Israel

    Publisher: Springer International Publishing

    Pages: 43-48

    Chapter: 6

    Series Title: SpringerBriefs in Cybersecurity

    ISBN: 978-3-319-18985-7

    DOI: 10.1007/978-3-319-18986-4_6

    Keywords: Cybersecurity

    Innovation

    Science

    R&D policy

    Multi-stakeholder

    Tel Aviv University

    External expert review

    National cyber-initiative

    URL: http://dx.doi.org/10.1007/978-3-319-18986-4_6

     

     

    Author: Tabansky, Lior and Ben Israel, Isaac

    Year: 2015

    Title: The National Cyber-Strategy of Israel and the INCB

    Book Title: Cybersecurity in Israel

    Publisher: Springer International Publishing

    Pages: 49-54

    Chapter: 7

    Series Title: SpringerBriefs in Cybersecurity

    ISBN: 978-3-319-18985-7

    DOI: 10.1007/978-3-319-18986-4_7

    Keywords: INCB

    National cyber-strategy

    National cyber-policy

    Resolution 3611

    Global cyber-power

    Critical infrastructure protection

    CIP

    CERT

    Innovation

    Cyber-industry

    Growth engine

    Interdisciplinary Cyber Research Centre (ICRC)

    Science policy

    URL: http://dx.doi.org/10.1007/978-3-319-18986-4_7

     

     

    Author: Tabansky, Lior and Ben Israel, Isaac

    Year: 2015

    Title: Towards Comprehensive National Cybersecurity

    Book Title: Cybersecurity in Israel

    Publisher: Springer International Publishing

    Pages: 55-61

    Chapter: 8

    Series Title: SpringerBriefs in Cybersecurity

    ISBN: 978-3-319-18985-7

    DOI: 10.1007/978-3-319-18986-4_8

    Keywords: ISA

    INCB

    National Cyber Security Authority

    NCSA

    CIP

    Resolution 3611

    Resolution 2443

    Resolution 2444

    URL: http://dx.doi.org/10.1007/978-3-319-18986-4_8

     

     

    Author: Tabansky, Lior and Ben Israel, Isaac

    Year: 2015

    Title: Striking with Bits? The IDF and Cyber-Warfare

    Book Title: Cybersecurity in Israel

    Publisher: Springer International Publishing

    Pages: 63-69

    Chapter: 9

    Series Title: SpringerBriefs in Cybersecurity

    ISBN: 978-3-319-18985-7

    DOI: 10.1007/978-3-319-18986-4_9

    Keywords: IDF

    Cyber-warfare

    C4I

    IAF

    Unit 8200

    Institute for National Security Studies (INSS)

    Operation Orchard

    Natanz

    Stuxnet

    Olympic games

    Attribution

    Deterrence

    URL: http://dx.doi.org/10.1007/978-3-319-18986-4_9

     

     

    Author: Tabansky, Lior and Ben Israel, Isaac

    Year: 2015

    Title: Conclusion: From Cybersecurity to Cyberpower

    Book Title: Cybersecurity in Israel

    Publisher: Springer International Publishing

    Pages: 71-73

    Chapter: 10

    Series Title: SpringerBriefs in Cybersecurity

    ISBN: 978-3-319-18985-7

    DOI: 10.1007/978-3-319-18986-4_10

    Keywords: Cybersecurity

    Cyberpower

    Innovation ecosystem

    Qualitative edge

    R&D

    National Cyber Initiative

    INCB

    NCSA

    Open society

    Israel

    Strategy

    URL: http://dx.doi.org/10.1007/978-3-319-18986-4_10

     

     

    Author: Tabansky, Lior and Ben-Israel, Isaac

    Year: 2015

    Title: Cybersecurity in Israel

    Series Editor: Gaycken, Sandro

    Series Title: SpringerBriefs in Cybersecurity

    Publisher: Springer

    Date: August

    URL: http://www.springer.com/series/10634

     

     

    Author: Trabish, David, Mattavelli, Andrea, Rinetzky, Noam and Cadar, Cristian

    Year of Conference: 2018

    Title: Chopped Symbolic Execution

    Conference Name: ICSE 2018: 40th International Conference on Software Engineering

    Conference Location: Gothenburg, Sweden

    Volume: Technical Papers

    Date: May 27 - 3 June 2018

    URL: https://www.icse2018.org/event/icse-2018-technical-papers-chopped-symbolic-execution

    http://www.cs.tau.ac.il/~maon/pubs/2018-icse.pdf

    https://www.computer.org/publications/tech-news/events/the-2018-international-conference-on-software-engineering-breaks-attendance-records-as-it-celebrates-its-40th-anniversary

     

     

    Author: Tzezana, Roey

    Year: 2016

    Title: Scenarios for crime and terrorist attacks using the internet of things

    Journal: European Journal of Futures Research

    Volume: 4

    Issue: 1

    Pages: 18

    Date: December 01

    Type of Article: journal article

    ISSN: 2195-2248

    DOI: 10.1007/s40309-016-0107-z

    Abstract: The Internet of Things is a paradigm in which everyday items are connected to the internet and share information with other devices. This new paradigm is rapidly becoming a reality in the developed world, and while it holds an immensely positive potential, it also means that criminals and terrorists would be able to influence the physical world from the comfort of their homes. We can expect that hackers, ransomwares, viruses, spywares and many of the other woes of the internet today will migrate to the internet of things as well. In this research we used General Morphological Analysis and brought together fifty experts on an online platform to develop novel scenarios about the crimes and terrorist acts of the future. The experts developed 21 scenarios, which were then ranked according to their plausibility. We provide a brief description of every scenario, and focus particularly on the four most plausible ones: blackmailing by connecting to smart homes, gaining insider information from wearable devices and using it for financial gains, assaulting a smart city through the internet, and performing sex crimes via connected items in the smart home.

    URL: https://link.springer.com/article/10.1007%2Fs40309-016-0107-z

     

     

    Author: Tzezana, Roey

    Year: 2017

    Title: High-probability and wild-card scenarios for future crimes and terror attacks using the Internet of Things

    Journal: Foresight

    Volume: 19

    Issue: 1

    Pages: 1-14

    Start Page: 1

    ISSN: 1463-6689

    DOI: 10.1108/FS-11-2016-0056

    Keywords: Internet of Things,Security,Terrorism,Morphological analysis,Cybersecurity,Scenario development

    Abstract: This paper provides high-probability and wild-card scenarios scenarios about future crimes and terror attacks relying on the Internet of Things (IoT) indicating that the IoT is set to have a dramatic role in crime and terror attacks in future.

    URL: https://www.emeraldinsight.com/doi/abs/10.1108/FS-11-2016-0056 

     

     

    Author: Wan, Zhiyuan, Bao, Lingfeng, Gao, Debin, Toch, Eran, Xia, Xin, Mendel, Tamir and Lo, David

    Year: 2019

    Title: AppMoD: Helping Older Adults Manage Mobile Security with Online Social Help

    Journal: Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies

    Volume: 3

    Issue: 4

    Pages: Article 154

    Start Page: 1

    ISSN: 2474-9567

    2474-9567

    DOI: 10.1145/3369819

    Keywords: Mobile smartphones, security, decision delegation, older adults

    Abstract: The rapid adoption of Smartphone devices has caused increasing security and privacy risks and breaches. Catching up with ever-evolving contemporary smartphone technology challenges leads older adults (aged 50+) to reduce or to abandon their use of mobile technology. To tackle this problem, we present AppMoD, a community-based approach that allows delegation of security and privacy decisions a trusted social connection, such as a family member or a close friend. The trusted social connection can assist in the appropriate decision or make it on behalf of the user. We implement the approach as an Android app and describe the results of three user studies (n=50 altogether), in which pairs of older adults and family members used the app in a controlled experiment. Using app anomalies as an ongoing case study, we show how delegation improves the accuracy of decisions made by older adults. Also, we show how combining decision-delegation with crowdsourcing can enhance the advice given and improve the decision-making process. Our results suggest that a community-based approach can improve the state of mobile security and privacy.

    URL: https://doi.org/10.1145/3369819

     

     

    Author: Yaakov, Yoav Ben, Wang, Xinrun, Meyer, Joachim and An, Bo

    Year of Conference: 2019

    Title: Choosing Protection: User Investments in Security Measures for Cyber Risk Management

    Conference Name: GameSec 2019: Decision and Game Theory for Security

    Publisher: Springer

    Pages: 33-44

    Date: 23 October 2019

    ISBN: 978-3-030-32430-8

    DOI: https://doi.org/10.1007/978-3-030-32430-8_3

    Proceedings Title: Lecture Notes in Computer Science book series (LNCS, volume 11836).

    International Conference on Decision and Game Theory for Security.

    Keywords: Decision making; Cyber insurance; Cybersecurity;

    Abstract: Firewalls, Intrusion Detection Systems (IDS), and cyber-insurance are widely used to protect against cyber-attacks and their consequences. The optimal investment in each of these security measures depends on the likelihood of threats and the severity of the damage they cause, on the user’s ability to distinguish between malicious and non-malicious content, and on the properties of the different security measures and their costs. We present a model of the optimal investment in the security measures, given that the effectiveness of each measure depends partly on the performance of the others. We also conducted an online experiment in which participants classified events as malicious or non-malicious, based on the value of an observed variable. They could protect themselves by investing in a firewall, an IDS or insurance. Four experimental conditions differed in the optimal investment in the different measures. Participants tended to invest preferably in the IDS, irrespective of the benefits from this investment. They were able to identify the firewall and insurance conditions in which investments were beneficial, but they did not invest optimally in these measures. The results imply that users’ intuitive decisions to invest resources in risk management measures are likely to be non-optimal. It is important to develop methods to help users in their decisions.

    URL: https://link.springer.com/chapter/10.1007/978-3-030-32430-8_3

     

     

    Author: Yu, Jiyong, Yan, Mengjia, Khyzha, Artem, Morrison, Adam, Torrellas, Josep and Fletcher, Christopher W.

    Year of Conference: 2019

    Title: Speculative Taint Tracking (STT): A Comprehensive Protection for Speculatively Accessed Data

    Conference Name: MICRO '52: the 52nd Annual IEEE/ACM International Symposium on Microarchitecture

    Conference Location: Columbus, OH, USA

    Publisher: Association for Computing Machinery

    Pages: 954–968

    Date: October

    Sponsor: SIGMICRO, IEEE CS

    DOI: 10.1145/3352460.3358274

    Proceedings Title: Proceedings of the 52nd Annual IEEE/ACM International Symposium on Microarchitecture

    Keywords: Speculative execution attacks, Security, Information flow, Hardware

    Abstract: Speculative execution attacks present an enormous security threat, capable of reading arbitrary program data under malicious speculation, and later exfiltrating that data over microarchitectural covert channels. Since these attacks first rely on being able to read arbitrary data (potential secrets), a conservative approach to defeat all attacks is to delay the execution of instructions that read those secrets, until those instructions become non-speculative.

     

    This paper's premise is that it is safe to execute and selectively forward the results of speculative instructions that read secrets, which improves performance, as long as we can prove that the forwarded results do not reach potential covert channels. We propose a comprehensive hardware protection based on this idea, called Speculative Taint Tracking (STT), capable of protecting all speculatively accessed data.

     

    Our work addresses two key challenges. First, to safely selectively forward secrets, we must understand what instruction(s) can form covert channels. We provide a comprehensive study of covert channels on speculative microarchitectures, and use this study to develop hardware mechanisms that block each class of channel. Along the way, we find new classes of covert channels related to implicit flow on speculative machines. Second, for performance, it is essential to disable protection on previously protected data, as soon as doing so is safe. We identify that the earliest time is when the instruction(s) producing the protected data become non-speculative, and design a novel microarchitecture for disabling protection at this moment.

     

    We provide an extensive formal analysis showing that STT enforces a novel form of non-interference, with respect to all speculatively accessed data. We further evaluate STT on 21 SPEC and 9 PARSEC workloads, and find it adds only 8.5%/14.5% overhead (depending on attack model) relative to an insecure machine, while reducing overhead by 4.7×/18.8× relative to a baseline secure scheme.

    URL: https://doi.org/10.1145/3352460.3358274

    https://www.cs.tau.ac.il/~mad/publications/micro2019-stt.pdf

     

     

    Author: Zilberman, Noa and Shavitt, Yuval

    Year: 2016

    Title: Setting the Foundations for PoP-Based Internet Evolution Models

    Journal: arXiv preprint arXiv:1612.04096

    URL: https://arxiv.org/abs/1612.04096v2

     

     

    Author: Zrahia, Aviram

    Year: 2018

    Title: Threat intelligence sharing between cybersecurity vendors: Network, dyadic, and agent views

    Journal: Journal of Cybersecurity

    Volume: 4

    Issue: 1

    Pages: tyy008-tyy008

    ISSN: 2057-2085

    DOI: 10.1093/cybsec/tyy008

    Abstract: Real-time actionable threat intelligence is an emerging defense concept focused on detection and mitigation of cyber threats. The sharing of this information between parties reduces duplication of effort and allows one organization’s detection to become another’s prevention. Although there are deployments of threat intelligence sharing across different sectors, the partnerships formed between vendors in the cybersecurity market space have a significant coopetition attribute. This article aims to improve the understanding of those relationships through an empirical study by answering questions such as the following. What insights can be derived from the network structure formed between the vendors? What are the characteristics of the established relationships? Are there any properties that are common among sharing firms? The research is based on a uniquely coded dataset of vendors and their threat-sharing relationships studied from industry, dyadic, and firm perspectives. The methodology relies on a deductive-reasoning top-down approach and utilizes graph visualization and statistical analysis tools. The key findings are as follows: (i) the cybersecurity industry exhibits a small-world structure associated with communities, suitable for effective intelligence sharing, (ii) the collaborations are characterized by coopetition between loosely integrated complementary solutions, and (iii) the number of threat-sharing relationships of a firm is positively associated with its innovation level; the effect size is nearly three times stronger among publicly traded companies than privately held companies. The article aims to contribute to both domain knowledge and methodology by discussing a distinctive statistical and visual view of the analyzed ecosystem in the context of cyberspace and integrating multidisciplinary theoretical constructs into the researched domain from different study perspectives. The results may be used by security vendors, policy decision makers, and regulation authorities to assess the market dynamics, and the methodology and lessons can be generalized and applied to other domains.

    URL: http://dx.doi.org/10.1093/cybsec/tyy008

     

     

    Author: כהן, דניאל and ברעם, גיל

    Year: 2018

    Title: שימוש בלוחמת סייבר למבצעי השפעה צבאיים

    Journal: מערכות

    Volume: 480-481

    Issue: 64-69

    URL: http://maarachot.idf.il/PDF/FILES/4/114324.pdf

    Translated Author: Cohen, Daniel and Baram, Gil

    Translated Title: The use of cyberwarfare in military Influence Operations | Maa'rachot - IDF Journal

     

     

     

    Tel Aviv University makes every effort to respect copyright. If you own copyright to the content contained here and / or the use of such content is in your opinion infringing, Contact us as soon as possible >>
    Tel Aviv University, P.O. Box 39040, Tel Aviv 6997801, Israel
    UI/UX Basch_Interactive