Small world with high risks: a study of security threats in the npm ecosystem

September 30, 2019May 25, 2020 ~ Adrian Colyer ~ 24 Comments

Small world with high risks: a study of security threats in the npm ecosystem Zimmermann et al., USENIX Security Symposium 2019 This is a fascinating study of the npm ecosystem, looking at the graph of maintainers and packages and its evolution over time. It’s packed with some great data, and also helps us quantify something ... Continue Reading

Wireless attacks on aircraft instrument landing systems

September 27, 2019May 25, 2020 ~ Adrian Colyer ~ 33 Comments

Wireless attacks on aircraft instrument landing systems Sathaye et al., USENIX Security Symposium 2019 It’s been a while since we last looked at security attacks against connected real-world entities (e.g., industrial machinery, light-bulbs, and cars). Today’s paper is a good reminder of just how important it is becoming to consider cyber threat models in what ... Continue Reading

50 ways to leak your data: an exploration of apps’ circumvention of the Android permissions system

September 25, 2019May 25, 2020 ~ Adrian Colyer ~ 25 Comments

50 ways to leak your data: an exploration of apps’ circumvention of the Android permissions system Reardon et al., USENIX Security Symposium 2019 The problem is all inside your app, she said to me / The answer is easy if you take it logically / I’d like to help data in its struggle to be ... Continue Reading

The secret-sharer: evaluating and testing unintended memorization in neural networks

September 23, 2019May 25, 2020 ~ Adrian Colyer ~ 3 Comments

The secret sharer: evaluating and testing unintended memorization in neural networks Carlini et al., USENIX Security Symposium 2019 This is a really important paper for anyone working with language or generative models, and just in general for anyone interested in understanding some of the broader implications and possible unintended consequences of deep learning. There’s also ... Continue Reading

Even more amazing papers at VLDB 2019 (that I didn’t have space to cover yet)

September 20, 2019May 25, 2020 ~ Adrian Colyer ~ 2 Comments

We’ve been covering papers from VLDB 2019 for the last three weeks, and next week it will be time to mix things up again. There were so many interesting papers at the conference this year though that I haven’t been able to cover nearly as many as I would like. So today’s post is a ... Continue Reading

Updating graph databases with Cypher

September 18, 2019May 25, 2020 ~ Adrian Colyer ~ 3 Comments

Updating graph databases with Cypher Green et al., VLDB'19 This is the story of a great collaboration between academia, industry, and users of the Cypher graph querying language as created by Neo4j. Beyond Neo4j, Cypher is also supported in SAP HANA Graph, RedisGraph, Agnes Graph, and Memgraph. Cypher for Apache Spark, and Cypher over Gremlin ... Continue Reading

Fine-grained, secure and efficient data provenance on blockchain systems

September 16, 2019May 25, 2020 ~ Adrian Colyer ~ 4 Comments

Fine-grained, secure and efficient data provenance on blockchain systems Ruan et al., VLDB'19 We haven’t covered a blockchain paper on The Morning Paper for a while, and today’s choice won the best paper award at VLDB’19. The goal here is to enable smart contracts to be written in which the contract logic depends on the ... Continue Reading

Declarative recursive computation on an RDBMS

September 13, 2019May 25, 2020 ~ Adrian Colyer ~ 2 Comments

Declarative recursive computation on an RDBMS... or, why you should use a database for distributed machine learing Jankov et al., VLDB'19 If you think about a system like Procella that’s combining transactional and analytic workloads on top of a cloud-native architecture, extensions to SQL for streaming, dataflow based materialized views (see e.g. Naiad, Noria, Multiverses, ... Continue Reading

Procella: unifying serving and analytical data at YouTube

September 11, 2019May 25, 2020 ~ Adrian Colyer ~ 25 Comments

Procella: unifying serving and analytical data at YouTube Chattopadhyay et al., VLDB'19 Academic papers aren’t usually set to music, but if they were the chorus of Queen’s "I want it all (and I want it now...)" seems appropriate here. Anchored in the primary use case of supporting Google’s YouTube business, what we’re looking at here ... Continue Reading

Experiences with approximating queries in Microsoft’s production big-data clusters

September 9, 2019May 25, 2020 ~ Adrian Colyer ~ 2 Comments

Experiences with approximating queries in Microsoft’s production big-data clusters Kandula et al., VLDB'19 I’ve been excited about the potential for approximate query processing in analytic clusters for some time, and this paper describes its use at scale in production. Microsoft’s big data clusters have 10s of thousands of machines, and are used by thousands of ... Continue Reading

the morning paper

a random walk through Computer Science research, by Adrian Colyer
Made delightfully fast by strattic

Month: September 2019