Publications
SoK: cryptographically protected database search
May 22, 2017
Conference Paper
Published in:
IEEE Symp. on Security and Privacy, 22-26 May 2017.
Summary
Protected database search systems cryptographically isolate the roles of reading from, writing to, and administering the database. This separation limits unnecessary administrator access and protects data in the case of system breaches. Since protected search was introduced in 2000, the area has grown rapidly, systems are offered by academia, start-ups, and established companies. However, there is no best protected search system or set of techniques. Design of such systems is a balancing act between security, functionality, performance, and usability. This challenge is made more difficult by ongoing database specialization, as some users will want the functionality of SQL, NoSQL, or NewSQL databases. This database evolution will continue, and the protected search community should be able to quickly provide functionality consistent with newly invented databases. At the same time, the community must accurately and clearly characterize the tradeoffs between different approaches. To address these challenges, we provide the following contributions:(1) An identification of the important primitive operations across database paradigms. We find there are a small number of base operations that can be used and combined to support a large number of database paradigms.(2) An evaluation of the current state of protected search systems in implementing these base operations. This evaluation describes the main approaches and tradeoffs for each base operation. Furthermore, it puts protected search in the context of unprotected search, identifying key gaps in functionality.(3) An analysis of attacks against protected search for different base queries.(4) A roadmap and tools for transforming a protected search system into a protected database, including an open-source performance evaluation platform and initial user opinions of protected search.
Summary
Protected database search systems cryptographically isolate the roles of reading from, writing to, and administering the database. This separation limits unnecessary administrator access and protects data in the case of system breaches. Since protected search was introduced in 2000, the area has grown rapidly, systems are offered by academia, start-ups...
READ MORE
Strong effect of azodye layer thickness on RM-stabilized photoalignment
May 21, 2017
Conference Paper
Published in:
SID Symp. Digest of Tech. Papers, Vol. 48, No. 1, May 2017, pp. 578-81.
Topic:
R&D area:
Summary
We have previously proposed a process for stabilizing azodye photo-alignment layers using a surface localized reactive mesogen (RM) layer applied by dissolving the monomer in a liquid crystal prior to filling the cell. Surprisingly, thin azodye layers (~3 nm) exhibit improved stability upon exposure to polarized light compared to thicker layers (~40 nm).
Summary
We have previously proposed a process for stabilizing azodye photo-alignment layers using a surface localized reactive mesogen (RM) layer applied by dissolving the monomer in a liquid crystal prior to filling the cell. Surprisingly, thin azodye layers (~3 nm) exhibit improved stability upon exposure to polarized light compared to thicker...
READ MORE
Broadband transparent optical phase change materials
May 14, 2017
Conference Paper
Published in:
CLEO: Conf. on Lasers and Electro-Optics, 14-19 May 2017.
Summary
We report a new group of optical phase change materials Ge-Sb-Se-Te (GSST) with low loss from telecom bands to LWIR. We further demonstrated GSST-integratedSiN photonics with significantly improved switching performance over conventional GST alloys.
Summary
We report a new group of optical phase change materials Ge-Sb-Se-Te (GSST) with low loss from telecom bands to LWIR. We further demonstrated GSST-integratedSiN photonics with significantly improved switching performance over conventional GST alloys.
READ MORE
Fabrication security and trust of domain-specific ASIC processors
May 1, 2017
Conference Paper
Published in:
IEEE Intl. Symp. on Hardware Oriented Security and Trust, HOST, 1-5 May 2017.
Summary
Application specific integrated circuits (ASICs) are commonly used to implement high-performance signal-processing systems for high-volume applications, but their high development costs and inflexible nature make ASICs inappropriate for algorithm development and low-volume DoD applications. In addition, the intellectual property (IP) embedded in the ASIC is at risk when fabricated in an untrusted foundry. Lincoln Laboratory has developed a flexible signal-processing architecture to implement a wide range of algorithms within one application domain, for example radar signal processing. In this design methodology, common signal processing kernels such as digital filters, fast Fourier transforms (FFTs), and matrix transformations are implemented as optimized modules, which are interconnected by a programmable wiring fabric that is similar to the interconnect in a field programmable gate array (FPGA). One or more programmable microcontrollers are also embedded in the fabric to sequence the operations. This design methodology, which has been termed a coarse-grained FPGA, has been shown to achieve a near ASIC level of performance. In addition, since the signal processing algorithms are expressed in firmware that is loaded at runtime, the important application details are protected from an unscrupulous foundry.
Summary
Application specific integrated circuits (ASICs) are commonly used to implement high-performance signal-processing systems for high-volume applications, but their high development costs and inflexible nature make ASICs inappropriate for algorithm development and low-volume DoD applications. In addition, the intellectual property (IP) embedded in the ASIC is at risk when fabricated in...
READ MORE
Wind turbine interference mitigation using a waveform diversity radar
April 27, 2017
Journal Article
Published in:
IEEE Trans. Aerosp. Electron. Syst., Vol. 53, No. 2, April 2017, pp. 805-15.
Summary
Interference from the proliferation of wind turbines is becoming a problem for ground-based medium-to-high pulse repetition frequency (PRF) pulsed–Doppler air surveillance radars. This paper demonstrates that randomizing some parameters of the transmit waveform from pulse to pulse, a filter can be designed to suppress both the wind turbine interference and the ground clutter. Furthermore, a single coherent processing interval (CPI) is sufficient to make an unambiguous range measurement. Therefore, multiple CPIs are not needed for range disambiguation, as in the staggered PRFs techniques. First, we consider a waveform with fixed PRF but diverse (random) initial phase applied to each transmit pulse. Second, we consider a waveform with diverse (random) PRF. The theoretical results are validated through simulations and analysis of experimental data. Clutter-plus-interference suppression and range disambiguation in a single CPI may be attractive to the Federal Aviation Administration and coastal radars.
Summary
Interference from the proliferation of wind turbines is becoming a problem for ground-based medium-to-high pulse repetition frequency (PRF) pulsed–Doppler air surveillance radars. This paper demonstrates that randomizing some parameters of the transmit waveform from pulse to pulse, a filter can be designed to suppress both the wind turbine interference and...
READ MORE
Seismic barrier protection of critical infrastructure
April 25, 2017
Conference Paper
Published in:
16th Annual IEEE Int. Symp. on Technologies for Homeland Security, HST 2017, 25-26 April 2017.
Topic:
R&D area:
Summary
Each year, on average a major magnitude-8 earthquake strikes somewhere in the world. In addition, 10,000 earthquake related deaths occur annually, where collapsing buildings claim by far most lives. Moreover, in recent events, industry activity of oil extraction and wastewater reinjection are suspected to cause earthquake swarms that threaten high-value oil pipeline networks, U.S. oil storage reserves, and civilian homes. Earthquake engineering of building structural designs and materials have evolved over many years to minimize the destructive effects of seismic surface waves. However, even under the best engineering practices, significant damage and numbers of fatalities can still occur. In this paper, we present a novel concept and approach to redirect and attenuate the ground motion amplitudes caused by earthquakes by implementing an engineered subsurface seismic barrier – creating a form of metamaterial. The barrier is comprised of borehole array complexes and trench designs that impede and divert destructive seismic surface waves from a designated 'protection zone'. The barrier is also designed to divert not only surface waves in the aerial plane, but includes vertical 'V' shaped muffler structures composed of opposing boreholes to mitigate seismic waves from diffracting and traveling in the vertical plane. Computational 2D and 3D seismic wave propagation models developed at MIT Lincoln Laboratory suggest that borehole array and trench arrangements are critical to the redirection and self-interference reduction of broadband hazardous seismic waves in the vicinity of the structure to protect. The computational models are compared with experimental data obtained from large bench-scale physical models that contain scaled borehole arrays and trenches. These experiments are carried out at high frequencies, but with suitable material parameters and borehole dimensions. They indicate that effects of a devastating 7.0 Mw -magnitude earthquake can be reduced to those of a minor magnitude-4.5 or -5.5 Mw earthquake within a suitable protection zone. These results are very promising, and warrant validation in field scale tests.
Summary
Each year, on average a major magnitude-8 earthquake strikes somewhere in the world. In addition, 10,000 earthquake related deaths occur annually, where collapsing buildings claim by far most lives. Moreover, in recent events, industry activity of oil extraction and wastewater reinjection are suspected to cause earthquake swarms that threaten high-value...
READ MORE
Effect of surface roughness and H-termination chemistry on diamond's semiconducting surface conductance
April 10, 2017
Journal Article
Published in:
Diamond Related Mater., Vol. 76, 1 June 2017, pp. 79-85.
Topic:
R&D area:
Summary
The H-terminated surface of diamond when activated with NO2 produces a surface conduction layer that has been used to make FETs. Variations in processing can significantly affect this conduction layer. This article discusses the effect of diamond surface preparation and H termination procedures on surface conduction. Surface preparations that generate a rough surface result in a more conductive surface with the conductivity increasing with surface roughness. We hypothesize that the increase in conductance with roughness is the result of an increase of reactive sites that generate the carriers. Roughening the diamond surface is just one way to generate these sites and the rough surface is believed to be a separate property from the density of surface reactive sites. The presence of C in the H2 plasma used for H termination decreases surface conductance. A simple procedure for NO2 activation is demonstrated. Interpretation of electrical measurements and possible alternatives to activation with NO2 are discussed. Using Kasu's oxidation model for surface conductance as a guide, compounds other than NO2 have been found to activate the diamond surface as well.
Summary
The H-terminated surface of diamond when activated with NO2 produces a surface conduction layer that has been used to make FETs. Variations in processing can significantly affect this conduction layer. This article discusses the effect of diamond surface preparation and H termination procedures on surface conduction. Surface preparations that generate...
READ MORE
Twitter language identification of similar languages and dialects without ground truth
April 3, 2017
Conference Paper
Published in:
Proc. 4th Workshop on NLP for Similar Languages, Varieties and Dialects, 3 April 2017, pp. 73-83.
Topic:
R&D area:
Summary
We present a new method to bootstrap filter Twitter language ID labels in our dataset for automatic language identification (LID). Our method combines geolocation, original Twitter LID labels, and Amazon Mechanical Turk to resolve missing and unreliable labels. We are the first to compare LID classification performance using the MIRA algorithm and langid.py. We show classifier performance on different versions of our dataset with high accuracy using only Twitter data, without ground truth, and very few training examples. We also show how Platt Scaling can be use to calibrate MIRA classifier output values into a probability distribution over candidate classes, making the output more intuitive. Our method allows for fine-grained distinctions between similar languages and dialects and allows us to rediscover the language composition of our Twitter dataset.
Summary
We present a new method to bootstrap filter Twitter language ID labels in our dataset for automatic language identification (LID). Our method combines geolocation, original Twitter LID labels, and Amazon Mechanical Turk to resolve missing and unreliable labels. We are the first to compare LID classification performance using the MIRA...
READ MORE
Bounded-collusion attribute-based encryption from minimal assumptions
March 28, 2017
Conference Paper
Published in:
IACR 20th Int. Conf. on Practice and Theory of Public Key Cryptography, PKC 2017, 28-31 March 2017.
Topic:
R&D area:
R&D group:
Summary
Attribute-based encryption (ABE) enables encryption of messages under access policies so that only users with attributes satisfying the policy can decrypt the ciphertext. In standard ABE, an arbitrary number of colluding users, each without an authorized attribute set, cannot decrypt the ciphertext. However, all existing ABE schemes rely on concrete cryptographic assumptions such as the hardness of certain problems over bilinear maps or integer lattices. Furthermore, it is known that ABE cannot be constructed from generic assumptions such as public-key encryption using black-box techniques. In this work, we revisit the problem of constructing ABE that tolerates collusions of arbitrary but a priori bounded size. We present two ABE schemes secure against bounded collusions that require only semantically secure public-key encryption. Our schemes achieve significant improvement in the size of the public parameters, secret keys, and ciphertexts over the previous construction of bounded-collusion ABE from minimal assumptions by Gorbunov et al. (CRYPTO 2012). In fact, in our second scheme, the size of ABE secret keys does not grow at all with the collusion bound. As a building block, we introduce a multidimensional secret-sharing scheme that may be of independent interest. We also obtain bounded-collusion symmetric-key ABE (which requires the secret key for encryption) by replacing the public-key encryption with symmetric-key encryption, which can be built from the minimal assumption of one-way functions.
Summary
Attribute-based encryption (ABE) enables encryption of messages under access policies so that only users with attributes satisfying the policy can decrypt the ciphertext. In standard ABE, an arbitrary number of colluding users, each without an authorized attribute set, cannot decrypt the ciphertext. However, all existing ABE schemes rely on concrete...
READ MORE
Predicting exploitation of disclosed software vulnerabilities using open-source data
March 24, 2017
Conference Paper
Published in:
3rd ACM Int. Workshop on Security and Privacy Analytics, IWSPA 2017, 24 March 2017.
Summary
Each year, thousands of software vulnerabilities are discovered and reported to the public. Unpatched known vulnerabilities are a significant security risk. It is imperative that software vendors quickly provide patches once vulnerabilities are known and users quickly install those patches as soon as they are available. However, most vulnerabilities are never actually exploited. Since writing, testing, and installing software patches can involve considerable resources, it would be desirable to prioritize the remediation of vulnerabilities that are likely to be exploited. Several published research studies have reported moderate success in applying machine learning techniques to the task of predicting whether a vulnerability will be exploited. These approaches typically use features derived from vulnerability databases (such as the summary text describing the vulnerability) or social media posts that mention the vulnerability by name. However, these prior studies share multiple methodological shortcomings that infl ate predictive power of these approaches. We replicate key portions of the prior work, compare their approaches, and show how selection of training and test data critically affect the estimated performance of predictive models. The results of this study point to important methodological considerations that should be taken into account so that results reflect real-world utility.
Summary
Each year, thousands of software vulnerabilities are discovered and reported to the public. Unpatched known vulnerabilities are a significant security risk. It is imperative that software vendors quickly provide patches once vulnerabilities are known and users quickly install those patches as soon as they are available. However, most vulnerabilities are...
READ MORE