Carlos Alberca, S. Pastrana, Guillermo Suarez-Tangil, P. Palmieri
The pervasive presence of interconnected objects enables new communication paradigms where devices can easily reach each other while interacting within their environment. The so-called Internet of Things (IoT) represents the integration of several computing and communications systems aiming at facilitating the interaction between these devices. Arduino is one of the most popular platforms used to prototype new IoT devices due to its open, flexible and easy-to-use architecture. Ardunio Yun is a dual board microcontroller that supports a Linux distribution and it is currently one of the most versatile and powerful Arduino systems. This feature positions Arduino Yun as a popular platform for developers, but it also introduces unique infection vectors from the security viewpoint. In this work, we present a security analysis of Arduino Yun. We show that Arduino Yun is vulnerable to a number of attacks and we implement a proof of concept capable of exploiting some of them.
{"title":"Security analysis and exploitation of arduino devices in the internet of things","authors":"Carlos Alberca, S. Pastrana, Guillermo Suarez-Tangil, P. Palmieri","doi":"10.1145/2903150.2911708","DOIUrl":"https://doi.org/10.1145/2903150.2911708","url":null,"abstract":"The pervasive presence of interconnected objects enables new communication paradigms where devices can easily reach each other while interacting within their environment. The so-called Internet of Things (IoT) represents the integration of several computing and communications systems aiming at facilitating the interaction between these devices. Arduino is one of the most popular platforms used to prototype new IoT devices due to its open, flexible and easy-to-use architecture. Ardunio Yun is a dual board microcontroller that supports a Linux distribution and it is currently one of the most versatile and powerful Arduino systems. This feature positions Arduino Yun as a popular platform for developers, but it also introduces unique infection vectors from the security viewpoint. In this work, we present a security analysis of Arduino Yun. We show that Arduino Yun is vulnerable to a number of attacks and we implement a proof of concept capable of exploiting some of them.","PeriodicalId":226569,"journal":{"name":"Proceedings of the ACM International Conference on Computing Frontiers","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2016-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130979023","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Hendrik Graupner, David Jaeger, Feng Cheng, C. Meinel
The relevance of identity data leaks on the Internet is more present than ever. Almost every month we read about leakage of databases with more than a million users in the news. Smaller but not less dangerous leaks happen even multiple times a day. The public availability of such leaked data is a major threat to the victims, but also creates the opportunity to learn not only about security of service providers but also the behavior of users when choosing passwords. Our goal is to analyze this data and generate knowledge that can be used to increase security awareness and security, respectively. This paper presents a novel approach to automatic analysis of a vast majority of bigger and smaller leaks. Our contribution is the concept and a prototype implementation of a parser, composed of a syntactic and a semantic module, and a data analyzer for identity leaks. In this context, we deal with the two major challenges of a huge amount of different formats and the recognition of leaks' unknown data types. Based on the data collected, this paper reveals how easy it is for criminals to collect lots of passwords, which are plain text or only weakly hashed.
{"title":"Automated parsing and interpretation of identity leaks","authors":"Hendrik Graupner, David Jaeger, Feng Cheng, C. Meinel","doi":"10.1145/2903150.2903156","DOIUrl":"https://doi.org/10.1145/2903150.2903156","url":null,"abstract":"The relevance of identity data leaks on the Internet is more present than ever. Almost every month we read about leakage of databases with more than a million users in the news. Smaller but not less dangerous leaks happen even multiple times a day. The public availability of such leaked data is a major threat to the victims, but also creates the opportunity to learn not only about security of service providers but also the behavior of users when choosing passwords. Our goal is to analyze this data and generate knowledge that can be used to increase security awareness and security, respectively. This paper presents a novel approach to automatic analysis of a vast majority of bigger and smaller leaks. Our contribution is the concept and a prototype implementation of a parser, composed of a syntactic and a semantic module, and a data analyzer for identity leaks. In this context, we deal with the two major challenges of a huge amount of different formats and the recognition of leaks' unknown data types. Based on the data collected, this paper reveals how easy it is for criminals to collect lots of passwords, which are plain text or only weakly hashed.","PeriodicalId":226569,"journal":{"name":"Proceedings of the ACM International Conference on Computing Frontiers","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2016-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126344555","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The concept of digital right management (DRM) has become extremely important in current mobile environments. This paper shows how partial bitstream encryption can allow the secure distribution of hardware applications resembling the mechanisms of traditional software DRM. Building on the recent developments towards the secure distribution of hardware cores, the paper demonstrates a prototypical implementation of a user mobile device supporting such distribution mechanisms. The prototype extends the Android operating system with support for hardware reconfigurability and showcases the interplay of novel security concepts enabled by hardware DRM, the advantages of a design flow based on high-level synthesis, and the opportunities provided by current software-rich reconfigurable Systems-on-Chips. Relying on this prototype, we also collected extensive quantitative results demonstrating the limited overhead incurred by the secure distribution architecture.
{"title":"Partial FPGA bitstream encryption enabling hardware DRM in mobile environments","authors":"M. Barbareschi, A. Cilardo, A. Mazzeo","doi":"10.1145/2903150.2911711","DOIUrl":"https://doi.org/10.1145/2903150.2911711","url":null,"abstract":"The concept of digital right management (DRM) has become extremely important in current mobile environments. This paper shows how partial bitstream encryption can allow the secure distribution of hardware applications resembling the mechanisms of traditional software DRM. Building on the recent developments towards the secure distribution of hardware cores, the paper demonstrates a prototypical implementation of a user mobile device supporting such distribution mechanisms. The prototype extends the Android operating system with support for hardware reconfigurability and showcases the interplay of novel security concepts enabled by hardware DRM, the advantages of a design flow based on high-level synthesis, and the opportunities provided by current software-rich reconfigurable Systems-on-Chips. Relying on this prototype, we also collected extensive quantitative results demonstrating the limited overhead incurred by the secure distribution architecture.","PeriodicalId":226569,"journal":{"name":"Proceedings of the ACM International Conference on Computing Frontiers","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2016-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131723924","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
D. Elia, S. Fiore, Alessandro D'Anca, Cosimo Palazzo, Ian T Foster, Dean N. Williams, G. Aloisio
This work presents the I/O in-memory server implemented in the context of the Ophidia framework, a big data analytics stack addressing scientific data analysis of n-dimensional datasets. The provided I/O server represents a key component in the Ophidia 2.0 architecture proposed in this paper. It exploits (i) a NoSQL approach to manage scientific data at the storage level, (ii) user-defined functions to perform array-based analytics, (iii) the Ophidia Storage API to manage heterogeneous back-ends through a plugin-based approach, and (iv) an in-memory and parallel analytics engine to address high scalability and performance. Preliminary performance results about a statistical analytics kernel benchmark performed on a HPC cluster running at the CMCC SuperComputing Centre are provided in this paper.
{"title":"An in-memory based framework for scientific data analytics","authors":"D. Elia, S. Fiore, Alessandro D'Anca, Cosimo Palazzo, Ian T Foster, Dean N. Williams, G. Aloisio","doi":"10.1145/2903150.2911719","DOIUrl":"https://doi.org/10.1145/2903150.2911719","url":null,"abstract":"This work presents the I/O in-memory server implemented in the context of the Ophidia framework, a big data analytics stack addressing scientific data analysis of n-dimensional datasets. The provided I/O server represents a key component in the Ophidia 2.0 architecture proposed in this paper. It exploits (i) a NoSQL approach to manage scientific data at the storage level, (ii) user-defined functions to perform array-based analytics, (iii) the Ophidia Storage API to manage heterogeneous back-ends through a plugin-based approach, and (iv) an in-memory and parallel analytics engine to address high scalability and performance. Preliminary performance results about a statistical analytics kernel benchmark performed on a HPC cluster running at the CMCC SuperComputing Centre are provided in this paper.","PeriodicalId":226569,"journal":{"name":"Proceedings of the ACM International Conference on Computing Frontiers","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2016-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122655782","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
E. Nurse, B. Mashford, Antonio Jimeno-Yepes, Isabell Kiral-Kornek, S. Harrer, D. Freestone
Deep learning technology is uniquely suited to analyse neurophysiological signals such as the electroencephalogram (EEG) and local field potentials (LFP) and promises to outperform traditional machine-learning based classification and feature extraction algorithms. Furthermore, novel cognitive computing platforms such as IBM's recently introduced neuromorphic TrueNorth chip allow for deploying deep learning techniques in an ultra-low power environment with a minimum device footprint. Merging deep learning and TrueNorth technologies for real-time analysis of brain-activity data at the point of sensing will create the next generation of wearables at the intersection of neurobionics and artificial intelligence.
{"title":"Decoding EEG and LFP signals using deep learning: heading TrueNorth","authors":"E. Nurse, B. Mashford, Antonio Jimeno-Yepes, Isabell Kiral-Kornek, S. Harrer, D. Freestone","doi":"10.1145/2903150.2903159","DOIUrl":"https://doi.org/10.1145/2903150.2903159","url":null,"abstract":"Deep learning technology is uniquely suited to analyse neurophysiological signals such as the electroencephalogram (EEG) and local field potentials (LFP) and promises to outperform traditional machine-learning based classification and feature extraction algorithms. Furthermore, novel cognitive computing platforms such as IBM's recently introduced neuromorphic TrueNorth chip allow for deploying deep learning techniques in an ultra-low power environment with a minimum device footprint. Merging deep learning and TrueNorth technologies for real-time analysis of brain-activity data at the point of sensing will create the next generation of wearables at the intersection of neurobionics and artificial intelligence.","PeriodicalId":226569,"journal":{"name":"Proceedings of the ACM International Conference on Computing Frontiers","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2016-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125291490","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
S. Banik, A. Bogdanov, Tiziana Fanni, Carlo Sau, L. Raffo, F. Palumbo, F. Regazzoni
In this paper, we propose a reconfigurable design of the Advanced Encryption Standard capable of adapting at runtime to the requirements of the target application. Reconfiguration is achieved by activating only a specific subset of all the instantiated processing elements. Further, we explore the effectiveness of power gating and clock gating methodologies to minimize the energy consumption of the processing elements not involved in computation.
{"title":"Adaptable AES implementation with power-gating support","authors":"S. Banik, A. Bogdanov, Tiziana Fanni, Carlo Sau, L. Raffo, F. Palumbo, F. Regazzoni","doi":"10.1145/2903150.2903488","DOIUrl":"https://doi.org/10.1145/2903150.2903488","url":null,"abstract":"In this paper, we propose a reconfigurable design of the Advanced Encryption Standard capable of adapting at runtime to the requirements of the target application. Reconfiguration is achieved by activating only a specific subset of all the instantiated processing elements. Further, we explore the effectiveness of power gating and clock gating methodologies to minimize the energy consumption of the processing elements not involved in computation.","PeriodicalId":226569,"journal":{"name":"Proceedings of the ACM International Conference on Computing Frontiers","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2016-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125109166","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
One part of large-scale data analytics is the problem of transferring the data across wide-area networks (WANs). Often, the data must be gathered (e.g., from remote sites), processed, possibly transferred (e.g., for further processing), and then possibly disseminated. If the data-transfer stages are bottlenecks, the overall data analytics pipeline will be affected. Although a variety of tools and protocols have been developed for large data transfers on WANs, most of the related work has been in the context of dedicated or non-shared networks. However, in practice, most networks are likely to be shared. We consider and evaluate the problem of large data transfers on shared networks and large round-trip-times (RTT) as are found on many WANs. Using a variety of synthetic background network traffic (e.g., uniform, TCP, UDP, square waveform, bursty), we compare the performance of well-known protocols (e.g., GridFTP, UDT). On our emulated WAN network, both GridFTP and UDT perform well in all-TCP situations, but UDT performs better when UDP-based background traffic is prominent.
{"title":"Large transfers for data analytics on shared wide-area networks","authors":"Hamidreza Anvari, P. Lu","doi":"10.1145/2903150.2911718","DOIUrl":"https://doi.org/10.1145/2903150.2911718","url":null,"abstract":"One part of large-scale data analytics is the problem of transferring the data across wide-area networks (WANs). Often, the data must be gathered (e.g., from remote sites), processed, possibly transferred (e.g., for further processing), and then possibly disseminated. If the data-transfer stages are bottlenecks, the overall data analytics pipeline will be affected. Although a variety of tools and protocols have been developed for large data transfers on WANs, most of the related work has been in the context of dedicated or non-shared networks. However, in practice, most networks are likely to be shared. We consider and evaluate the problem of large data transfers on shared networks and large round-trip-times (RTT) as are found on many WANs. Using a variety of synthetic background network traffic (e.g., uniform, TCP, UDP, square waveform, bursty), we compare the performance of well-known protocols (e.g., GridFTP, UDT). On our emulated WAN network, both GridFTP and UDT perform well in all-TCP situations, but UDT performs better when UDP-based background traffic is prominent.","PeriodicalId":226569,"journal":{"name":"Proceedings of the ACM International Conference on Computing Frontiers","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2016-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117251867","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In this presentation we will describe methodologies for integrated measurement and modeling of power and performance for extreme scale systems and applications.
在本次演讲中,我们将介绍用于极端规模系统和应用的功率和性能的集成测量和建模方法。
{"title":"Integrated measurement and modeling for performance and power","authors":"A. Hoisie","doi":"10.1145/2903150.2903912","DOIUrl":"https://doi.org/10.1145/2903150.2903912","url":null,"abstract":"In this presentation we will describe methodologies for integrated measurement and modeling of power and performance for extreme scale systems and applications.","PeriodicalId":226569,"journal":{"name":"Proceedings of the ACM International Conference on Computing Frontiers","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2016-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129213397","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Emerging non-volatile memory technologies offer the durability of disk and the byte-addressability of DRAM, which makes it feasible to build up single-level store systems. However, due to extremely low latency of persistent writes to non-volatile memory, software stack accounts for the majority of the overall performance overhead, one of which comes from crash consistency guarantees. In order to let persistent data structures survive power failures or system crashes, some measures, such as write-ahead logging or copy-on-write, along with frequent cacheline flushes, must be taken to ensure the consistency of durable data, thereby incurring non-trivial sync overhead. In this paper, we propose two techniques to mitigate the sync overhead. First, we leverage write-optimized non-volatile memory to store log entries on chip instead of off chip, thereby eliminating sync overhead. Second, we present an adaptive caching mode policy in terms of data access patterns to eliminate unnecessary sync overhead. Evaluation results indicate that the two techniques help improve the overall performance from 5.88x to 6.77x compared to conventional transactional persistent memory.
{"title":"Mitigating sync overhead in single-level store systems","authors":"Yuanchao Xu, Hu Wan, Zeyi Hou, Keni Qiu","doi":"10.1145/2903150.2903161","DOIUrl":"https://doi.org/10.1145/2903150.2903161","url":null,"abstract":"Emerging non-volatile memory technologies offer the durability of disk and the byte-addressability of DRAM, which makes it feasible to build up single-level store systems. However, due to extremely low latency of persistent writes to non-volatile memory, software stack accounts for the majority of the overall performance overhead, one of which comes from crash consistency guarantees. In order to let persistent data structures survive power failures or system crashes, some measures, such as write-ahead logging or copy-on-write, along with frequent cacheline flushes, must be taken to ensure the consistency of durable data, thereby incurring non-trivial sync overhead. In this paper, we propose two techniques to mitigate the sync overhead. First, we leverage write-optimized non-volatile memory to store log entries on chip instead of off chip, thereby eliminating sync overhead. Second, we present an adaptive caching mode policy in terms of data access patterns to eliminate unnecessary sync overhead. Evaluation results indicate that the two techniques help improve the overall performance from 5.88x to 6.77x compared to conventional transactional persistent memory.","PeriodicalId":226569,"journal":{"name":"Proceedings of the ACM International Conference on Computing Frontiers","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2016-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127382149","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Stencils account for a significant part in many scientific computing applications. Besides simple stencils which can be completed with a few arithmetic operations, there are also many register-limited stencils with hundreds or thousands of variables and operations. The massive registers required by these stencils largely limit the parallelism of the programs on current many-core architectures, and consequently degrade the overall performance. Based on the register usage, which is the major constraining factor for most register-limited stencils, we propose a DDG (data-dependency-graph) oriented code transformation approach to improve the performance of these stencils. This approach analyzes, reorders and transforms the original program on GPUs, and further explores for the best tradeoff between the computation amount and the parallelism degree. Based on our graphoriented code transformation approach, we further design and implement an automated code generation and tuning framework called Libra, to improve the productivity and performance simultaneously. We apply Libra to 5 widely used stencils, and experiment results show that these stencils achieve a speedup of 1.12~2.16X when compared with the original fairly-optimized implementations.
{"title":"Libra: an automated code generation and tuning framework for register-limited stencils on GPUs","authors":"Mengyao Jin, H. Fu, Zihong Lv, Guangwen Yang","doi":"10.1145/2903150.2903158","DOIUrl":"https://doi.org/10.1145/2903150.2903158","url":null,"abstract":"Stencils account for a significant part in many scientific computing applications. Besides simple stencils which can be completed with a few arithmetic operations, there are also many register-limited stencils with hundreds or thousands of variables and operations. The massive registers required by these stencils largely limit the parallelism of the programs on current many-core architectures, and consequently degrade the overall performance. Based on the register usage, which is the major constraining factor for most register-limited stencils, we propose a DDG (data-dependency-graph) oriented code transformation approach to improve the performance of these stencils. This approach analyzes, reorders and transforms the original program on GPUs, and further explores for the best tradeoff between the computation amount and the parallelism degree. Based on our graphoriented code transformation approach, we further design and implement an automated code generation and tuning framework called Libra, to improve the productivity and performance simultaneously. We apply Libra to 5 widely used stencils, and experiment results show that these stencils achieve a speedup of 1.12~2.16X when compared with the original fairly-optimized implementations.","PeriodicalId":226569,"journal":{"name":"Proceedings of the ACM International Conference on Computing Frontiers","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2016-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124087798","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: