November 4, 2016
Quanyan Zhu, Tansu Alpcan, Emmanouil Panaousis, Milind Tambe, and William Casey
This book constitutes the refereed proceedings of the 7th International Conference on Decision and Game Theory for Security, GameSec 2016, held in New York, NY, USA, in November 2016.
November 1, 2016
Bodhisatwa Mazumdar, Sk. Subidh Ali, and Ozgur Sinanoglu
In this article, the authors present a compact implementation of the Salsa20 stream cipher that is targeted towards lightweight cryptographic devices such as radio-frequency identification (RFID) tags.
A Dual Perturbation Approach for Differential Private ADMM-Based Distributed Empirical Risk Minimization
October 28, 2016
Tao Zhang and Quanyan Zhu
In this paper, the authors develop a privacy-preserving method to a class of regularized empirical risk minimization (ERM) machine learning problems.
October 27, 2016
In this article, the authors offer a security analysis of nanoelectromechanical systems (NEMS) and carbon nanotube (CNT). They highlight the key technology-specific features of these post-CMOS technologies that can inform the design of secure systems.
October 24, 2016
Chandra K. H. Suresh, Bodhisatwa Mazumdar, Sk Subidh Ali and Ozgur Sinanoglu
Continuous scaling of CMOS technology beyond sub-nanometer region has aggravated short-channel effects, resulting in increased leakage current and high power densities. Furthermore, elevated leakage current and power density render CMOS based security-critical applications vulnerable to power-side-channel attacks. Carbon Nanotubes (CNT) is a promising alternative to CMOS technology.
October 22, 2016
Hossein Siadati, Bahador Saket, Nasir Memon
The authors present APT-Hunter, a visualization tool that helps security analysts to explore login data for discovering patterns and detecting malicious logins
October 20, 2016
Jeyavijayan Rajendran, Ramesh Karri, and Ozgur Sinanoglu
An exemplary system, method and computer-accessible medium can be provided which can include, for example, generating a super control dataflow graph(s) (CDFG) by applying a plurality of electronic system level ESL design constraints associated with an integrated circuit, determining an upper bound(s) number and a lower bound(s) number based on a number of CDFGs in the super CDFG(s)—with each number being one metric of a capability of the integrated circuit to resist reverse engineering attack—, and inserting a component(s) into a register transfer level netlist to effectuate a modification of the upper bound(s) and the lower bound(s).
GADAPT: A Sequential Game-Theoretic Framework for Designing Defense-in-Depth Strategies Against Advanced Persistent Threats
October 5, 2016
Stefan Rass and Quanyan Zhu
We present a dynamic game framework to model and design defense strategies for advanced persistent threats (APTs). The model is based on a sequence of nested finite two-person zero-sum games, in which the APT is modeled as the attempt to get through multiple protective shells of a system towards conquering the target located in the center of the infrastructure.
Optimal Contract Design Under Asymmetric Information for Cloud-Enabled Internet of Controlled Things
October 5, 2016
Juntao Chen and Quanyan Zhu
The development of advanced wireless communication technologies and smart embedded control devices makes everything connected, leading to an emerging paradigm of the Internet of Controlled Things (IoCT). IoCT consists of two layers of systems: cyber layer and physical layer. This work aims to establish a holistic framework that integrates the cyber-physical layers of the IoCT through the lens of contract theory.
October 3, 2016
Rui Zhang, Quanyan Zhu
The authors provide an integrative view of the cyber insurance through a bi-level game-theoretic model.
September 19, 2016
Siddharth Garg, Ramesh Karri, Xiaotong Cui, Kaijie Wu
The authors propose a High Level Synthesis and Analysis (HLSA) approach that leverages embedded programmable logic (EPL) to hide sensitive parts of the IP from a rogue foundry or a rogue actor in a foundry.
September 1, 2016
Jeffrey Pawlick and Quanyan Zhu
The authors address the strategic interaction between trackers who collect data and users when incentives to maintain privacy and improve accuracy are misaligned.
September 1, 2016
Sahar Mazloom, Mohammad Rezaeirad, Aaron Hunter, and Damon McCoy
The authors discuss the security implications of the increasing trend in the automotive industry towards integrating trusted third-party apps with In-Vehicle-Infotainment systems (IVI) via smartphones.
August 18, 2016
Riad S. Wahby, Max Howald, Siddharth Garg, Abhi Shelat, and Michael Walfish
A manufacturer of custom hardware (ASICs) can undermine the intended execution of that hardware; high-assurance execution thus requires controlling the manufacturing chain. However, a trusted platform might be orders of magnitude worse in performance or price than an advanced, untrusted platform. This paper initiates exploration of an alternative: using verifiable computation (VC), an untrusted ASIC computes proofs of correct execution, which are verified by a trusted processor or ASIC.
August 18, 2016
Brendan Dolan-Gavitt, Patrick Hulin, Engin Kirda, Tim Leek, Andrea Mambretti, William K. Robertson, Frederick Ulrich, and Ryan Whelan
Work on automating vulnerability discovery has long been hampered by a shortage of ground-truth corpora with which to evaluate tools and techniques. This lack of ground truth prevents authors and users of tools alike from being able to measure such fundamental quantities as miss and false alarm rates. In this paper, we present LAVA, a novel dynamic taint analysis-based technique for producing ground-truth corpora by quickly and automatically injecting large numbers of realistic bugs into program source code.
August 16, 2016
Muhammad Yasin, Samah Mohamed Saeed, Jeyavijayan Rajendran, and Ozgur Sinanoglu
The authors assess and compare the pre-test and post-test activation models of logic encrypted chips.
August 15, 2016
Sk Subidh Ali, Mohamed Ibrahim, Jeyavijayan Rajendran, Ozgur Sinanoglu, and Krishnendu Chakrabarty
Digital microfluidic biochips (DMFBs) implement novel protocols for highly sensitive and specific biomolecular recognition. However, attackers can exploit supply-chain vulnerabilities to pirate DMFBs’ proprietary protocols or modify their results, with serious consequences for laboratory analysis, healthcare, and biotechnology innovation.
August 11, 2016
Jack Tang, Ramesh Karri, and Jeyavijayan Rajendran
We present a micro-electro-mechanical (MEM) relay based physical unclonable function (PUF) that is capable of sensing pressure while providing an assurance of authenticity. The unique properties of the SensorPUF arise from the pressure sensitivity of electrostatically actuated MEM relay structures.