In this paper, we introduce a new class of side–channel attacks called partitioning attacks. We have successfully launched a version of the attack on several implementations of COMP128, the popular GSM authentication algorithm that has been deployed by different service providers in several types of SIM cards, to retrieve the 128 bit key using as few as 8 chosen plaintexts. We show how partitio...

A military arms race is characterized by a iterative development of measures and countermeasures. An attacker attempts to introduce new weapons in order to gain some advantage, whereas a defender attempts to develop countermeasures that can mitigate or even eliminate the effects of the weapons. This paper addresses the defender’s decision problem: given limited resources, which countermeasures ...

Web tracking continues to pose a vexing policy problem. Surveys have repeatedly demonstrated substantial consumer demand for control mechanisms, and policymakers worldwide have pressed for a Do Not Track system that effectuates user preferences. At present, however, consumers are left in the lurch: existing control mechanisms and countermeasures have spotty effectiveness and are difficult to us...

This paper presents four algorithms for securing elliptic curve scalar multiplication against power analysis. The highest-weight binary form (HBF) of scalars and randomization are applied to resist power analysis. By using a special method to recode the scalars, the proposed algorithms do not suffer from simple power analysis (SPA). With the randomization of the secret scalar or base point, thr...

Aiming at problems existing in the process of establishing innovative teaching teams in colleges and universities, the paper brings forward the basic characteristics of innovative teaching teams and the countermeasures of establishing innovative teaching teams in colleges and universities, which include improving study structure of the teams, continuous study and strengthening continuous innova...

This paper discusses a potential security issue in common operating system and application environments regarding dynamically attached devices and device interfaces. A set of countermeasures for the identified threats is described along with the integration of countermeasures into a policy-based security infrastructure; finally, an implementation of the countermeasure in the form of a policy en...

This paper provides a simple but powerful theoretical framework for understanding and combining different approaches to software design. The main result is expressed in what we call The Principle of Limited Reduction. This principle states that relying on analytical behavior to reduce complexity introduces new sources of uncertainty and this requires experimental countermeasures. Correspondingl...

We have developed path-planning techniques and tools to look for paths through minefields. Our techniques seek to balance the length and risk associated with different routes through a minefield. Our methods are intended to provide battlegroup commanders powerful new tools to evaluate alternative routes while searching for low risk paths. It is well known how to find the path of shortest distan...

This paper presents the Speech Technology Center (STC) replay attack detection systems proposed for Automatic Speaker Verification Spoofing and Countermeasures Challenge 2017. In this study we focused on comparison of different spoofing detection approaches. These were GMM based methods, high level features extraction with simple classifier and deep learning frameworks. Experiments performed on...

We propose a mitigation model that evaluates individual and combined countermeasures against multi-step cyber-attack scenarios. The goal is to anticipate the actions of an attacker that wants to disrupt a given system (e.g., an information system). The process is driven by an attack graph formalism, enforced with a stateful return on response investment metric that optimally evaluates, ranks an...