# Cryptography and Security (cs.CR)

• Covert communication conceals the transmission of the message from an attentive adversary. Recent work on the limits of covert communication in additive white Gaussian noise (AWGN) channels has demonstrated that a covert transmitter (Alice) can reliably transmit a maximum of $\mathcal{O}\left(\sqrt{n}\right)$ bits to a covert receiver (Bob) without being detected by an adversary (Warden Willie) in $n$ channel uses. This paper focuses on the scenario where other friendly nodes distributed according to a two-dimensional Poisson point process with density $m$ are present in the environment. We propose a strategy where the friendly node closest to the adversary, without close coordination with Alice, produces artificial noise. We show that this method allows Alice to reliably and covertly send $\mathcal{O}(\min\{{n,m^{\gamma/2}\sqrt{n}}\})$ bits to Bob in $n$ channel uses, where $\gamma$ is the path-loss exponent. Moreover, we also consider a setting where there are $N_{\mathrm{w}}$ collaborating adversaries uniformly and randomly located in the environment and show that in $n$ channel uses, Alice can reliably and covertly send $\mathcal{O}\left(\min\left\{n,\frac{m^{\gamma/2} \sqrt{n}}{N_{\mathrm{w}}^{\gamma}}\right\}\right)$ bits to Bob when $\gamma >2$, and $\mathcal{O}\left(\min\left\{n,\frac{m \sqrt{n}}{N_{\mathrm{w}}^{2}\log^2 {N_{\mathrm{w}}}}\right\}\right)$ when $\gamma = 2$. Conversely, under mild restrictions on the communication strategy, we demonstrate that no higher covert throughput is possible for $\gamma>2$.
• Modern malware families often rely on domain-generation algorithms (DGAs) to determine rendezvous points to their command-and-control server. Traditional defence strategies (such as blacklisting domains or IP addresses) are inadequate against such techniques due to the large and continuously changing list of domains produced by these algorithms. This paper demonstrates that a machine learning approach based on recurrent neural networks is able to detect domain names generated by DGAs with high precision. The neural models are estimated on a large training set of domains generated by various malwares. Experimental results show that this data-driven approach can detect malware-generated domain names with a F_1 score of 0.971. To put it differently, the model can automatically detect 93 % of malware-generated domain names for a false positive rate of 1:100.
• In recent years, fuzz testing has proven itself to be one of the most effective techniques for finding correctness bugs and security vulnerabilities in practice. One particular fuzz testing tool, American Fuzzy Lop or AFL, has become popular thanks to its ease-of-use and bug-finding power. However, AFL remains limited in the depth of program coverage it achieves, in particular because it does not consider which parts of program inputs should not be mutated in order to maintain deep program coverage. We propose an approach, FairFuzz, that helps alleviate this limitation in two key steps. First, FairFuzz automatically prioritizes inputs exercising rare parts of the program under test. Second, it automatically adjusts the mutation of inputs so that the mutated inputs are more likely to exercise these same rare parts of the program. We conduct evaluation on real-world programs against state-of-the-art versions of AFL, thoroughly repeating experiments to get good measures of variability. We find that on certain benchmarks FairFuzz shows significant coverage increases after 24 hours compared to state-of-the-art versions of AFL, while on others it achieves high program coverage at a significantly faster rate.
• Operationalizing machine learning based security detections is extremely challenging, especially in a continuously evolving cloud environment. Conventional anomaly detection does not produce satisfactory results for analysts that are investigating security incidents in the cloud. Model evaluation alone presents its own set of problems due to a lack of benchmark datasets. When deploying these detections, we must deal with model compliance, localization, and data silo issues, among many others. We pose the problem of "attack disruption" as a way forward in the security data science space. In this paper, we describe the framework, challenges, and open questions surrounding the successful operationalization of machine learning based security detections in a cloud environment and provide some insights on how we have addressed them.
• The local model for differential privacy is emerging as the reference model for practical applications collecting and sharing sensitive information while satisfying strong privacy guarantees. In the local model, there is no trusted entity which is allowed to have each individual's raw data as is assumed in the traditional curator model for differential privacy. So, individuals' data are usually perturbed before sharing them. We explore the design of private hypothesis tests in the local model, where each data entry is perturbed to ensure the privacy of each participant. Specifically, we analyze locally private chi-square tests for goodness of fit and independence testing, which have been studied in the traditional, curator model for differential privacy.
• We consider a new concept of biometric-based cybersecurity systems for active authentication by continuous tracking, which utilizes biochemical processing of metabolites present in skin secretions. Skin secretions contain a large number of metabolites and small molecules that can be targeted for analysis. Here we argue that amino acids found in sweat can be exploited for the establishment of an amino acid profile capable of identifying an individual user of a mobile or wearable device. Individual and combinations of amino acids processed by biocatalytic cascades yield physical (optical or electronic) signals, providing a time-series of several outputs that, in their entirety, should suffice to authenticate a specific user based on standard statistical criteria. Initial results, motivated by biometrics, indicate that single amino acid levels can provide analog signals that vary according to the individual donor, albeit with limited resolution versus noise. However, some such assays offer digital separation (into well-defined ranges of values) according to groups such as age, biological sex, race, and physiological state of the individual. Multi-input biocatalytic cascades that handle several amino acid signals to yield a single digital-type output, as well as continuous-tracking time-series data rather than a single-instance sample, should enable active authentication at the level of an individual.

J. Smith Dec 14 2016 17:43 UTC

Very good Insight on android security problems and malware. Nice Work !

sattath Oct 05 2016 12:13 UTC

Thank you for your kind words. Indeed, we worked hard to achieve the attributes you mentioned.

Frédéric Grosshans Oct 04 2016 15:05 UTC

I do not find this second abstract more informative, and it is definitely less entertaining to read. I really like the original abstract because, despite its tale format, it really works as an informative abstract.

Chris Ferrie Oct 04 2016 01:31 UTC

I approve of this comment.

Cedric Yen-Yu Lin Sep 29 2016 12:54 UTC

Sounds like a nice fable for young readers of [this book][1].

[1]: https://www.amazon.com/Quantum-Physics-Babies-Chris-Ferrie/dp/1492309532

sattath Sep 29 2016 11:15 UTC

We introduce a new quantum cryptographic primitive which we call
a tokenized signature scheme. Such a scheme can be used as an ordinary
digital signature scheme, with the additional property that the signer
can produce and distribute one-use quantum si

...(continued)
Aram Harrow Feb 29 2016 03:37 UTC

Thanks for the reply. (3) is an interesting case to think about and it does seem that these attacks could be very significant then. And of course it's always good to improve the theoretical guarantees even if this is only relevant against future attacks.

For (2) it still does seem that if the l

...(continued)
Anthony Leverrier Feb 28 2016 16:59 UTC

There are 3 interesting time scales to consider:

1) As long as nobody has a quantum computer, our results don't have any practical relevance. That's clear.

2) When malicious parties start having access to quantum computers, the situation becomes more shady. For the reasons you mention, if the

...(continued)
Aram Harrow Feb 27 2016 18:06 UTC

This result really surprised me! But I don't understand how it could be used in practice.

Let's say Alice and Bob are communicating over the internet using AES and Eve records all their messages. She's not making any queries and can't break anything.

Let's say Alice is a web server who retur

...(continued)
TQC 2014 Program Committee Jun 03 2014 10:38 UTC

### Reviewer 1 ###

Summary of Result:

This submission studies a new notion called “partial-indistinguishability” in the context of circuit obfuscation and provides two instantiations of obfuscators (satisfying the new notion) of classical and quantum circuits respectively. Moreover, the constr

...(continued)