Category: academic papers

Auto Added by WPeMatico

On the Subversion of NIST by the NSA

Posted on By infossl
academic papers, algorithms, cryptography, nist, nsa, Security technology, Uncategorized

Nadiya Kostyuk and Susan Landau wrote an interesting paper: “Dueling Over DUAL_EC_DRBG: The Consequences of Corrupting a Cryptographic Standardization Process“: Abstract: In recent decades, the U.S. National Institute of Standards and Technology (NIST), which develops cryptographic standards for non-national security agencies of the U.S. government, has emerged as the de facto international source for cryptographic … Read More “On the Subversion of NIST by the NSA” »

Tracking People via Bluetooth on Their Phones

Posted on By infossl
academic papers, bluetooth, identification, privacy, Security technology, stalking, tracking, Uncategorized

We’ve always known that phones—and the people carrying them—can be uniquely identified from their Bluetooth signatures, and that we need security techniques to prevent that. This new research shows that that’s not enough. Computer scientists at the University of California San Diego proved in a study published May 24 that minute imperfections in phones caused … Read More “Tracking People via Bluetooth on Their Phones” »

Attacking the Performance of Machine Learning Systems

Posted on By infossl
academic papers, cyberattack, machine learning, Security technology, Uncategorized

Interesting research: “Sponge Examples: Energy-Latency Attacks on Neural Networks“: Abstract: The high energy costs of neural network training and inference led to the use of acceleration hardware such as GPUs and TPUs. While such devices enable us to train large-scale neural networks in datacenters and deploy them on edge devices, their designers’ focus so far … Read More “Attacking the Performance of Machine Learning Systems” »

M1 Chip Vulnerability

Posted on By infossl
academic papers, apple, cybersecurity, hardware, malware, Security technology, Uncategorized, vulnerabilities

This is a new vulnerability against Apple’s M1 chip. Researchers say that it is unpatchable. Researchers from MIT’s Computer Science and Artificial Intelligence Laboratory, however, have created a novel hardware attack, which combines memory corruption and speculative execution attacks to sidestep the security feature. The attack shows that pointer authentication can be defeated without leaving … Read More “M1 Chip Vulnerability” »

Remotely Controlling Touchscreens

Posted on By infossl
academic papers, malware, Security technology, side-channel attacks, Uncategorized

Researchers have demonstrated controlling touchscreens at a distance, at least in a laboratory setting: The core idea is to take advantage of the electromagnetic signals to execute basic touch events such as taps and swipes into targeted locations of the touchscreen with the goal of taking over remote control and manipulating the underlying device. The … Read More “Remotely Controlling Touchscreens” »

The Limits of Cyber Operations in Wartime

Posted on By infossl
academic papers, cyberwar, russia, Security technology, ukraine, Uncategorized

Interesting paper by Lennart Maschmeyer: “The Subversive Trilemma: Why Cyber Operations Fall Short of Expectations“: Abstract: Although cyber conflict has existed for thirty years, the strategic utility of cyber operations remains unclear. Many expect cyber operations to provide independent utility in both warfare and low-intensity competition. Underlying these expectations are broadly shared assumptions that information … Read More “The Limits of Cyber Operations in Wartime” »

Manipulating Machine-Learning Systems through the Order of the Training Data

Posted on By infossl
academic papers, machine learning, security engineering, Security technology, Uncategorized

Yet another adversarial ML attack: Most deep neural networks are trained by stochastic gradient descent. Now “stochastic” is a fancy Greek word for “random”; it means that the training data are fed into the model in random order. So what happens if the bad guys can cause the order to be not random? You guessed … Read More “Manipulating Machine-Learning Systems through the Order of the Training Data” »

Websites that Collect Your Data as You Type

Posted on By infossl
academic papers, data collection, key logging, privacy, Security technology, Uncategorized

A surprising number of websites include JavaScript keyloggers that collect everything you type as you type it, not just when you submit a form. Researchers from KU Leuven, Radboud University, and University of Lausanne crawled and analyzed the top 100,000 websites, looking at scenarios in which a user is visiting a site while in the … Read More “Websites that Collect Your Data as You Type” »

Friday Squid Blogging: Squid Filmed Changing Color for Camouflage Purposes

Posted on By infossl
academic papers, Security technology, squid, Uncategorized

Video of oval squid (Sepioteuthis lessoniana) changing color in reaction to their background. The research paper claims this is the first time this has been documented. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered … Read More “Friday Squid Blogging: Squid Filmed Changing Color for Camouflage Purposes” »