Dhalion: self-regulating stream processing in Heron

June 30, 2017 ~ Adrian Colyer ~ 1 Comment

Dhalion: Self-regulating stream processing in Heron Floratou et al., VLDB 2017 Dhalion follows on nicely from yesterday's paper looking at the modular architecture of Heron, and aims to reduce the "complexity of configuring, managing, and deploying" streaming applications. In particular, streaming applications deployed as Heron topologies, although the authors are keen to point out the ... Continue Reading

Twitter Heron: towards extensible streaming engines

June 29, 2017 ~ Adrian Colyer ~ 4 Comments

Twitter Heron: Towards extensible streaming engines Fu et al., ICDE 2017 We previously looked at the initial Twitter Heron paper that announced Heron to the world. In this ICDE 2017 paper, the team give us an update based on the work done since as a result of open-sourcing Heron. ... we discuss the challenges we ... Continue Reading

An experimental security analysis of an industrial robot controller

June 28, 2017 ~ Adrian Colyer ~ 6 Comments

An experimental security analysis of an industrial robot controller Quarta et al., IEEE Security and Privacy 2017 This is an industrial robot: The International Federation of Robotics forecasts that, by 2018, approximately 1.3 million industrial robot units will be employed in factories globally, and the international market value for "robotized" systems is approximately 32 billion ... Continue Reading

Hijacking Bitcoin: routing attacks on cryptocurrencies

June 27, 2017 ~ Adrian Colyer ~ 13 Comments

Hijacking Bitcoin: routing attacks on cryptocurrencies Apostolaki et al., IEEE Security and Privacy 2017 The Bitcoin network has more than 6,000 nodes, responsible for up to 300,000 daily transactions and 16 million bitcoins valued at roughly $17B. Given the amount of money at stake, Bitcoin is an obvious target for attackers. This paper introduces a ... Continue Reading

SoK: Cryptographically protected database search

June 26, 2017 ~ Adrian Colyer ~ Leave a comment

SoK: Cryptographically proctected database search Fuller et al., IEEE Security and Privacy 2017 This is a survey paper (Systematization of Knowledge, SoK) reviewing the current state of protected database search (encrypted databases). As such, it packs a lot of information into a relatively small space. As we've seen before, there are a wide-variety of cryptographic ... Continue Reading

Cloak and dagger: from two permissions to complete control of the UI feedback loop

June 23, 2017 ~ Adrian Colyer ~ 1 Comment

Cloak and dagger: from two permissions to complete control of the UI feedback loop Fratantonio et al., IEEE Security and Privacy 2017 If you're using Android, then 'cloak and dagger' is going to make for scary reading. It's a perfect storm of an almost undetectable attack that can capture passwords, pins, and ultimately obtain all ... Continue Reading

IoT goes nuclear: creating a ZigBee chain reaction

June 22, 2017 ~ Adrian Colyer ~ 22 Comments

IoT goes nuclear: creating a ZigBee chain reaction Ronen et al., IEEE Security and Privacy 2017 You probably don't need another reminder about the woeful state of security in IoT, but today's paper choice may well give you further pause for thought about the implications. The opening paragraph sounds like something out of science fiction ... Continue Reading

The password reset MitM attack

June 21, 2017 ~ Adrian Colyer ~ 11 Comments

The password reset MitM attack Gelernter et al., IEEE Security and Privacy 2017 The Password Reset Man-in-the-Middle (PRMitM) attack is really very simple, but that doesn't mean it's not dangerous. It involves persuading the user to sign-up for an account for some service under the attacker's control (maybe there's an enticing free download for example), ... Continue Reading

How they did it: an analysis of emissions defeat devices in modern automobiles

June 20, 2017 ~ Adrian Colyer ~ Leave a comment

How they did it: an analysis of emission defeat devices in modern automobiles Contag et al., IEEE Security and Privacy 2017 We'll be looking at a selection of papers from the IEEE Security and Privacy 2017 conference over the next few days, starting with this wonderful tear down of the defeat devices used by Volkswagen ... Continue Reading

Hardware is the new software

June 19, 2017 ~ Adrian Colyer ~ 8 Comments

Hardware is the new software Baumann, HotOS'17 This is a very readable short paper that sheds an interesting light on what's been happening with the Intel x86 instruction set architecture (ISA) of late. We're seeing a sharp rise in the number and complexity of extensions, with some interesting implications for systems researchers (and for Intel!). ... Continue Reading

the morning paper

a random walk through Computer Science research, by Adrian Colyer
Made delightfully fast by strattic

Month: June 2017