Skip to search formSkip to main contentSkip to account menu

Crowds: anonymity for Web transactions

The design, implementation, security, performance, and scalability of the Crowds system for protecting users' anonymity on the world-wide-web are described and degrees of anonymity as an important tool for describing and proving anonymity properties are introduced.
View on ACM (opens in a new tab)

False data injection attacks against state estimation in electric power grids

  • Yao LiuM. ReiterP. Ning
  • Computer Science, Engineering
    Conference on Computer and Communications…
  • 9 November 2009
A new class of attacks, called false data injection attacks, against state estimation in electric power grids are presented, showing that an attacker can exploit the configuration of a power system to launch such attacks to successfully introduce arbitrary errors into certain state variables while bypassing existing techniques for bad measurement detection.
View on ACM (opens in a new tab)

False data injection attacks against state estimation in electric power grids

This article presents and analyzes a new class of attacks, called false data injection attacks, against state estimation in electric power grids, under the assumption that the attacker can access the current power system configuration information and manipulate the measurements of meters at physically protected locations such as substations.
View on ACM (opens in a new tab)

Stealing Machine Learning Models via Prediction APIs

Simple, efficient attacks are shown that extract target ML models with near-perfect fidelity for popular model classes including logistic regression, neural networks, and decision trees against the online services of BigML and Amazon Machine Learning.
View PDF on arXiv (opens in a new tab)

HotStuff: BFT Consensus with Linearity and Responsiveness

HotStuff is the first partially synchronous BFT replication protocol exhibiting these combined properties, and its simplicity enables it to be further pipelined and simplified into a practical, concise protocol for building large-scale replication services.
View on ACM (opens in a new tab)

The Design and Analysis of Graphical Passwords

This work proposes and evaluates new graphical password schemes that exploit features of graphical input displays to achieve better security than text-based passwords and describes the prototype implementation of one of the schemes on a personal digital assistants (PDAs) namely the Palm PilotTM.
View Paper (opens in a new tab)

Accessorize to a Crime: Real and Stealthy Attacks on State-of-the-Art Face Recognition

A novel class of attacks is defined: attacks that are physically realizable and inconspicuous, and allow an attacker to evade recognition or impersonate another individual, and a systematic method to automatically generate such attacks is developed through printing a pair of eyeglass frames.
View on ACM (opens in a new tab)

Flicker: an execution infrastructure for tcb minimization

We present Flicker, an infrastructure for executing security-sensitive code in complete isolation while trusting as few as 250 lines of additional code. Flicker can also provide meaningful,…
View on ACM (opens in a new tab)

Byzantine quorum systems

This paper considers the arbitrary (Byzantine) failure of data repositories and presents the first study of quorum system requirements and constructions that ensure data availability and consistency despite these failures, and demonstrates quorum systems over n servers with a load of O(\frac{1}{\sqrt{n}})$, thus meeting the lower bound on load for benignly fault-tolerant quorum Systems.
View on ACM (opens in a new tab)

Cross-VM side channels and their use to extract private keys

This paper details the construction of an access-driven side-channel attack by which a malicious virtual machine (VM) extracts fine-grained information from a victim VM running on the same physical computer and demonstrates the attack in a lab setting by extracting an ElGamal decryption key from a victims using the most recent version of the libgcrypt cryptographic library.
View on ACM (opens in a new tab)
...
By clicking accept or continuing to use the site, you agree to the terms outlined in our Privacy Policy (opens in a new tab), Terms of Service (opens in a new tab), and Dataset License (opens in a new tab)