kth.se Publications
  • 51.
    Austrin, Per
    et al.
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Kreitz, Gunnar
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Lower bounds for Subset Cover based Broadcast Encryption. 2008. In: PROGRESS IN CRYPTOLOGY - AFRICACRYPT 2008, 2008, Vol. 5023, p. 343-356. Conference paper (Refereed)
    Abstract [en]

    In this paper, we prove lower bounds for a large class of Subset Cover schemes (including all existing schemes based on pseudo-random sequence generators). In particular, we show that: for small r, bandwidth is Ω(r); for some r, bandwidth is Ω(n/log(s)); for large r, bandwidth is n - r, where n is the number of users, r is the number of revoked users, and s is the space required per user. These bounds are all tight in the sense that they match known constructions up to small constants.

  • 52.
    Austrin, Per
    et al.
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Manokaran, Rajsekar
    KTH, School of Computer Science and Communication (CSC).
    Wenner, Cenny
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    On the NP-hardness of approximating ordering constraint satisfaction problems. 2013. In: Approximation, Randomization, and Combinatorial Optimization. Algorithms and Techniques: 16th International Workshop, APPROX 2013, and 17th International Workshop, RANDOM 2013, Berkeley, CA, USA, August 21-23, 2013. Proceedings, Springer, 2013, p. 26-41. Conference paper (Refereed)
    Abstract [en]

    We show improved NP-hardness of approximating Ordering Constraint Satisfaction Problems (OCSPs). For the two most well-studied OCSPs, Maximum Acyclic Subgraph and Maximum Betweenness, we prove inapproximability of 14/15 + ε and 1/2 + ε. An OCSP is said to be approximation resistant if it is hard to approximate better than taking a uniformly random ordering. We prove that the Maximum Non-Betweenness Problem is approximation resistant and that there are width-m approximation-resistant OCSPs accepting only a fraction 1/(m/2)! of assignments. These results provide the first examples of approximation-resistant OCSPs subject only to P ≠ NP. Our reductions from Label Cover differ from previous works in two ways. First, we establish a somewhat general bucketing lemma permitting us to reduce the analysis of ordering predicates to that of classical predicates. Second, instead of "folding", which is not available for ordering predicates, we employ permuted instantiations of the predicates to limit the value of poorly correlated strategies.

  • 53.
    Austrin, Per
    et al.
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Manokaran, Rajsekar
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Wenner, Cenny
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    On the NP-hardness of approximating ordering-constraint satisfaction problems. 2015. In: Theory of Computing, E-ISSN 1557-2862, Vol. 11, p. 257-283. Article in journal (Refereed)
    Abstract [en]

    We show improved NP-hardness of approximating Ordering-Constraint Satisfaction Problems (OCSPs). For the two most well-studied OCSPs, Maximum Acyclic Subgraph and Maximum Betweenness, we prove NP-hard approximation factors of 14/15+ε and 1/2+ε. When it is hard to approximate an OCSP by a constant better than taking a uniformly-at-random ordering, then the OCSP is said to be approximation resistant. We show that the Maximum Non-Betweenness Problem is approximation resistant and that there are width-m approximation-resistant OCSPs accepting only a fraction 1/(m/2)! of assignments. These results provide the first examples of approximation-resistant OCSPs subject only to P≠NP.

  • 54.
    Austrin, Per
    et al.
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Mossel, Elchanan
    Approximation resistant predicates from pairwise independence. 2008. In: 23rd Annual IEEE Conference on Computational Complexity, proceedings, 2008, p. 249-258. Conference paper (Refereed)
    Abstract [en]

    We study the approximability of predicates on k variables from a domain [q], and give a new sufficient condition for such predicates to be approximation resistant under the Unique Games Conjecture. Specifically, we show that a predicate P is approximation resistant if there exists a balanced pairwise independent distribution over [q]^k whose support is contained in the set of satisfying assignments to P. Using constructions of pairwise independent distributions, this result implies that for general k >= 3 and q >= 2, the MAX k-CSP_q problem is UG-hard to approximate within O(kq^2)/q^k + epsilon. For the special case of q = 2, i.e., boolean variables, we can sharpen this bound to (k + O(k^0.525))/2^k + epsilon, improving upon the best previous bound of 2k/2^k + epsilon (Samorodnitsky and Trevisan, STOC'06) by essentially a factor 2. Finally, again for q = 2, assuming that the famous Hadamard Conjecture is true, this can be improved even further and the O(k^0.521) term can be replaced by the constant 4.

  • 55.
    Austrin, Per
    et al.
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Mossel, Elchanan
    Approximation resistant predicates from pairwise independence. 2009. In: Computational Complexity, ISSN 1016-3328, E-ISSN 1420-8954, Vol. 18, no 2, p. 249-271. Article in journal (Refereed)
    Abstract [en]

    We study the approximability of predicates on k variables from a domain [q], and give a new sufficient condition for such predicates to be approximation resistant under the Unique Games Conjecture. Specifically, we show that a predicate P is approximation resistant if there exists a balanced pairwise independent distribution over [q]^k whose support is contained in the set of satisfying assignments to P. Using constructions of pairwise independent distributions, this result implies that for general k >= 3 and q <= 2, the Max k-CSP_q problem is UG-hard to approximate within O(kq^2)/q^k + epsilon. For the special case of q = 2, i.e., boolean variables, we can sharpen this bound to (k + O(k^0.525))/2^k + epsilon, improving upon the best previous bound of 2k/2^k + epsilon (Samorodnitsky and Trevisan, STOC'06) by essentially a factor 2. Finally, again for q = 2, assuming that the famous Hadamard Conjecture is true, this can be improved even further, and the O(k^0.525) term can be replaced by the constant 4.

  • 56.
    Bakhshi, Rana
    et al.
    KTH, School of Information and Communication Technology (ICT).
    Gurov, Dilian
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Verification of Peer-to-peer Algorithms: A Case Study. 2007. In: Electronical Notes in Theoretical Computer Science, ISSN 1571-0661, E-ISSN 1571-0661, Vol. 181, no 1, p. 35-47. Article in journal (Refereed)
    Abstract [en]

    The problem of maintaining structured peer-to-peer (P2P) overlay networks in the presence of concurrent joins and failures of nodes is the subject of intensive research. The various algorithms underlying P2P systems are notoriously difficult to design and analyse. Thus, when verifying P2P algorithms, a real challenge is to find an adequate level of abstraction at which to model the algorithms and perform the verifications. In this paper, we propose an abstract model for structured P2P networks with ring topology. Our model is based on process algebra, which, with its well-developed theory, provides the right level of abstraction for the verification of many basic P2P algorithms. As a case study, we verify the correctness of the stabilization algorithm of Chord, one of the best-known P2P overlay networks. To show the correctness of the algorithm, we provide a specification and an implementation of the Chord system in process algebra and establish bisimulation equivalence between the two.

  • 57.
    Balliu, Musard
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    A Logic for Information Flow Analysis of Distributed Programs. 2013. In: Secure IT Systems: 18th Nordic Conference, NordSec 2013 Ilulissat, Greenland, October 2013 Proceedings, Springer Berlin/Heidelberg, 2013, p. 84-99. Conference paper (Refereed)
    Abstract [en]

    Securing communication in large scale distributed systems is an open problem. When multiple principals exchange sensitive information over a network, security and privacy issues arise immediately. For instance, in an online auction system we may want to ensure that no bidder knows the bids of any other bidder before the auction is closed. Such systems are typically interactive/reactive and communication is mostly asynchronous, lossy or unordered. Language-based security provides language mechanisms for enforcing end-to-end security. However, with few exceptions, previous research has mainly focused on relational or synchronous models, which are generally not suitable for distributed systems. This paper proposes a general knowledge-based account of possibilistic security from a language perspective and shows how existing trace-based conditions fit in. A syntactic characterization of these conditions, given by an epistemic temporal logic, shows that existing model checking tools can be used to enforce security.

  • 58.
    Balliu, Musard
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    A Logic for Information Flow Analysis of Distributed Programs: (Extended Abstract). 2013. Report (Other academic)
    Abstract [en]

    Securing communication in large scale distributed systems is an open problem. When multiple principals exchange sensitive information over a network, security and privacy issues arise immediately. For instance, in an online auction system we may want to ensure that no bidder knows the bids of any other bidder before the auction is closed. Such systems are typically interactive/reactive and communication is mostly asynchronous, lossy or unordered. Language-based security provides language mechanisms for enforcing end-to-end security. However, with few exceptions, previous research has mainly focused on relational or synchronous models, which are generally not suitable for distributed systems.

    This paper proposes a general knowledge-based account of possibilistic security from a language perspective and shows how existing trace-based conditions fit in. A syntactic characterization of these conditions, given by an epistemic temporal logic, shows that existing model checking tools can be used to enforce security.

  • 59.
    Balliu, Musard
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Logics for Information Flow Security: From Specification to Verification. 2014. Doctoral thesis, comprehensive summary (Other academic)
    Abstract [en]

    Software is becoming increasingly ubiquitous and today we find software running everywhere. There is software driving our favorite game application or inside the web portal we use to read the morning news, and when we book a vacation. Being so commonplace, software has become an easy target to compromise maliciously or at best to get it wrong. In fact, recent trends and highly-publicized attacks suggest that vulnerable software is at the root of many security attacks.

    Information flow security is the research field that studies methods and techniques to provide strong security guarantees against software security attacks and vulnerabilities. The goal of an information flow analysis is to rigorously check how sensitive information is used by the software application and ensure that this information does not escape the boundaries of the application, unless it is properly granted permission to do so by the security policy at hand. This process can be challenging as it first requires to determine what the application's security policy is and then to provide a mechanism to enforce that policy against the software application. In this thesis we address the problem of (information flow) policy specification and policy enforcement by leveraging formal methods, in particular logics and language-based analysis and verification techniques.

    The thesis contributes to the state of the art of information flow security in several directions, both theoretical and practical. On the policy specification side, we provide a framework to reason about information flow security conditions using the notion of knowledge. This is accompanied by logics that can be used to express the security policies precisely in a syntactical manner. Also, we study the interplay between confidentiality and integrity to enforce security in presence of active attacks. On the verification side, we provide several symbolic algorithms to effectively check whether an application adheres to the associated security policy. To achieve this, we propose techniques based on symbolic execution and first-order reasoning (SMT solving) to first extract a model of the target application and then verify it against the policy. On the practical side, we provide tool support by automating our techniques and thereby making it possible to verify programs written in Java or ARM machine code. Besides the expected limitations, our case studies show that the tools can be used to verify the security of several realistic scenarios.

    More specifically, the thesis consists of two parts and six chapters. We start with an introduction giving an overview of the research problems and the results of the thesis. Then we move to the specification part which relies on knowledge-based reasoning and epistemic logics to specify state-based and trace-based information flow conditions and on the weakest precondition calculus to certify security in presence of active attacks. The second part of the thesis addresses the problem of verification of the security policies introduced in the first part. We use symbolic execution and SMT solving techniques to enable model checking of the security properties. In particular, we implement a tool that verifies noninterference and declassification policies for Java programs. Finally, we conclude with relational verification of low level code, which is also supported by a tool.

  • 60.
    Balliu, Musard
    et al.
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Dam, Mads
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Guanciale, Roberto
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Automating Information Flow Analysis of Low Level Code. 2014. In: Proceedings of CCS’14, November 3–7, 2014, Scottsdale, Arizona, USA, Association for Computing Machinery (ACM), 2014. Conference paper (Refereed)
    Abstract [en]

    Low level code is challenging: It lacks structure, it uses jumps and symbolic addresses, the control flow is often highly optimized, and registers and memory locations may be reused in ways that make typing extremely challenging. Information flow properties create additional complications: They are hyperproperties relating multiple executions, and the possibility of interrupts and concurrency, and use of devices and features like memory-mapped I/O requires a departure from the usual initial-state final-state account of noninterference. In this work we propose a novel approach to relational verification for machine code. Verification goals are expressed as equivalence of traces decorated with observation points. Relational verification conditions are propagated between observation points using symbolic execution, and discharged using first-order reasoning. We have implemented an automated tool that integrates with SMT solvers to automate the verification task. The tool transforms ARMv7 binaries into an intermediate, architecture-independent format using the BAP toolset by means of a verified translator. We demonstrate the capabilities of the tool on a separation kernel system call handler, which mixes hand-written assembly with gcc-optimized output, a UART device driver and a crypto service modular exponentiation routine.

  • 61.
    Balliu, Musard
    et al.
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Dam, Mads
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Le Guernic, Gurvan
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    ENCOVER: Symbolic Exploration for Information Flow Security. 2012. In: 2012 IEEE 25th Computer Security Foundations Symposium (CSF), IEEE, 2012, p. 30-44. Conference paper (Refereed)
    Abstract [en]

    We address the problem of program verification for information flow policies by means of symbolic execution and model checking. Noninterference-like security policies are formalized using epistemic logic. We show how the policies can be accurately verified using a combination of concolic testing and SMT solving. As we demonstrate, many scenarios considered tricky in the literature can be solved precisely using the proposed approach. This is confirmed by experiments performed with ENCOVER, a tool based on Java PathFinder and Z3, which we have developed for epistemic noninterference concolic verification.

  • 62.
    Balliu, Musard
    et al.
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Dam, Mads
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Le Guernic, Gurvan
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Epistemic Temporal Logic for Information Flow Security. 2011. In: In proc. of th 4e ACM SIGPLAN workshop on Programming Languages and Analysis for Security, 2011. Conference paper (Refereed)
    Abstract [en]

    Temporal epistemic logic is a well-established framework for expressing agents' knowledge and how it evolves over time. Within language-based security these are central issues, for instance in the context of declassification. We propose to bring these two areas together. The paper presents a computational model and an epistemic temporal logic used to reason about knowledge acquired by observing program outputs. This approach is shown to elegantly capture standard notions of noninterference and declassification in the literature as well as information flow properties where sensitive and public data intermingle in delicate ways.

  • 63.
    Balliu, Musard
    et al.
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Mastroeni, Isabella
    A weakest precondition approach to active attacks analysis. 2009. In: PLAS'09: Proceedings of the ACM SIGPLAN 4th Workshop on Programming Languages and Analysis for Security, 2009, p. 59-71. Conference paper (Refereed)
    Abstract [en]

    Information flow controls can be used to protect both data confidentiality and data integrity. The certification of the security degree of a program that runs in untrusted environments still remains an open problem in language-based security. The notion of robustness asserts that an active attacker, who can modify program code in some fixed points (holes), is not able to disclose more private information than a passive attacker, who merely observes public data. In this paper, we extend a method recently proposed for checking declassified non-interference in presence of passive attackers only, in order to check robustness by means of the weakest precondition semantics. In particular, this semantics simulates the kind of analysis that can be performed by an attacker, i.e., from the public output towards the private input. The choice of the semantics lets us distinguish between different attacks models. In this paper, we also introduce relative robustness that is a relaxed notion of robustness for restricted classes of attacks.

  • 64.
    Balliu, Musard
    et al.
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Mastroeni, Isabella
    A Weakest Precondition Approach to Robustness. 2010. In: Lecture Notes in Computer Science, ISSN 0302-9743, E-ISSN 1611-3349, Vol. 6340, no PART 1, p. 261-297. Article in journal (Refereed)
    Abstract [en]

    With the increasing complexity of information management computer systems, security becomes a real concern. E-government, web-based financial transactions or military and health care information systems are only a few examples where large amount of information can reside on different hosts distributed worldwide. It is clear that any disclosure or corruption of confidential information in these contexts can result fatal. Information flow controls constitute an appealing and promising technology to protect both data confidentiality and data integrity. The certification of the security degree of a program that runs in untrusted environments still remains an open problem in the area of language-based security. Robustness asserts that an active attacker, who can modify program code in some fixed points (holes), is unable to disclose more private information than a passive attacker, who merely observes unclassified data. In this paper, we extend a method recently proposed for checking declassified non-interference in presence of passive attackers only, in order to check robustness by means of weakest precondition semantics. In particular, this semantics simulates the kind of analysis that can be performed by an attacker, i.e., from public output towards private input. The choice of semantics allows us to distinguish between different attacks models and to characterize the security of applications in different scenarios. Our results are sound to address confidentiality and integrity of software running in untrusted environments where different actors can distrust one another. For instance, a web server can be attacked by a third party in order to steal a session cookie or hijack clients to a fake web page.

  • 65. Barak, B.
    et al.
    Gopalan, P.
    Håstad, Johan
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Meka, R.
    Raghavendra, P.
    Steurer, D.
    Making the long code shorter. 2015. In: SIAM journal on computing (Print), ISSN 0097-5397, E-ISSN 1095-7111, Vol. 44, no 5, p. 1287-1324. Article in journal (Refereed)
    Abstract [en]

    The long code is a central tool in hardness of approximation especially in questions related to the Unique Games Conjecture. We construct a new code that is exponentially more efficient but can still be used in many of these applications. Using the new code we obtain exponential improvements over several known results including the following: (1) For any ε > 0, we show the existence of an n-vertex graph G where every set of o(n) vertices has expansion 1-ε but G's adjacency matrix has more than exp(log^δ n) eigenvalues larger than 1 - ε, where δ depends only on ε. This answers an open question of Arora, Barak, and Steurer [Proceedings of the 2010 IEEE 51st Annual Symposium on Foundations of Computer Science, 2010, pp. 563-572] who asked whether one can improve over the noise graph on the Boolean hypercube that has poly(log n) such eigenvalues. (2) A gadget that reduces Unique Games instances with linear constraints modulo K into instances with alphabet k with a blowup of k^{polylog(K)}, improving over the previously known gadget with blowup of k^{ω(K)}. (3) An n-variable integrality gap for Unique Games that survives exp(poly(log log n)) rounds of the semidefinite programming version of the Sherali-Adams hierarchy, improving on the previously known bound of poly(log log n). We show a connection between the local testability of linear codes and Small-Set Expansion in certain related Cayley graphs and use this connection to derandomize the noise graph on the Boolean hypercube.

  • 66. Barak, Boaz
    et al.
    Gopalan, Parikshit
    Håstad, Johan
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Meka, Raghu
    Raghavendra, Prasad
    Steurer, David
    Making the Long Code Shorter. 2012. In: Foundations of Computer Science (FOCS), 2012 IEEE 53rd Annual Symposium on, IEEE Computer Society, 2012, p. 370-379. Conference paper (Refereed)
    Abstract [en]

    The long code is a central tool in hardness of approximation, especially in questions related to the unique games conjecture. We construct a new code that is exponentially more efficient, but can still be used in many of these applications. Using the new code we obtain exponential improvements over several known results, including the following: 1) For any ε > 0, we show the existence of an n vertex graph G where every set of o(n) vertices has expansion 1-ε, but G's adjacency matrix has more than exp(log^δ n) eigenvalues larger than 1 - ε, where δ depends only on ε. This answers an open question of Arora, Barak and Steurer (FOCS 2010) who asked whether one can improve over the noise graph on the Boolean hypercube that has poly(log n) such eigenvalues. 2) A gadget that reduces unique games instances with linear constraints modulo K into instances with alphabet k with a blowup of K^{polylog(K)}, improving over the previously known gadget with blowup of 2^{Ω(K)}. 3) An n variable integrality gap for Unique Games that survives exp(poly(log log n)) rounds of the SDP + Sherali Adams hierarchy, improving on the previously known bound of poly(log log n). We show a connection between the local testability of linear codes and small set expansion in certain related Cayley graphs, and use this connection to derandomize the noise graph on the Boolean hypercube.

  • 67. Bar-Noy, Amotz
    et al.
    Panagiotis, Cheilaris
    Lampis, Michael
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Mitsou, Valia
    Zachos, Stathis
    Ordered Coloring Grids and Related Graphs. 2009. In: 16th International Colloquium on Structural Information and Communication Complexity, SIROCCO 2009, 2009, p. 30-43. Conference paper (Refereed)
    Abstract [en]

    We investigate a coloring problem, called ordered coloring, in grids and some other families of grid-like graphs. Ordered coloring (also known as vertex ranking) is related to conflict-free coloring and other traditional coloring problems. Such coloring problems can model (among others) efficient frequency assignments in cellular networks. Our main technical results improve upper and lower bounds for the ordered chromatic number of grids and related graphs. To the best of our knowledge, this is the first attempt to calculate exactly the ordered chromatic number of these graph families.

  • 68.
    Bartie, Phil
    et al.
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS. Edinburgh University.
    Mackaness, William
    Edinburgh University.
    Minock, Michael
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Mollevik, Johan
    Umeå University.
    SpaceBook D3.3.2: Final Populated City Model Component. 2013. Report (Other academic)
  • 69.
    Bastys, Iulia
    et al.
    Chalmers University of Technology.
    Balliu, Musard
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Sabelfeld, Andrei
    Chalmers University of Technology.
    If This Then What? Controlling Flows in IoT Apps. 2018. Conference paper (Refereed)
    Abstract [en]

    IoT apps empower users by connecting a variety of otherwise unconnected services. These apps (or applets) are triggered by external information sources to perform actions on external information sinks. We demonstrate that the popular IoT app platforms, including IFTTT (If This Then That), Zapier, and Microsoft Flow are susceptible to attacks by malicious applet makers, including stealthy privacy attacks to exfiltrate private photos, leak user location, and eavesdrop on user input to voice-controlled assistants. We study a dataset of 279,828 IFTTT applets from more than 400 services, classify the applets according to the sensitivity of their sources, and find that 30% of the applets may violate privacy. We propose two countermeasures for short- and long-term protection: access control and information flow control. For short-term protection, we suggest that access control classifies an applet as either exclusively private or exclusively public, thus breaking flows from private sources to sensitive sinks. For long-term protection, we develop a framework for information flow tracking in IoT apps. The framework models applet reactivity and timing behavior, while at the same time faithfully capturing the subtleties of attacker observations caused by applet output. We show how to implement the approach for an IFTTT-inspired setting leveraging state-of-the-art information flow tracking techniques for JavaScript based on the JSFlow tool and evaluate its effectiveness on a collection of applets.

  • 70. Baud-Berthier, G.
    et al.
    Giráldez-Cru, Jesús
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Simon, L.
    On the community structure of bounded model checking SAT problems. 2017. In: 20th International Conference on Theory and Applications of Satisfiability Testing, SAT 2017, Springer, 2017, Vol. 10491, p. 65-82. Conference paper (Refereed)
    Abstract [en]

    Following the impressive progress made in the quest for efficient SAT solving in the last years, a number of researches has focused on explaining performances observed on typical application problems. However, until now, tentative explanations were only partial, essentially because the semantic of the original problem was lost in the translation to SAT. In this work, we study the behavior of so called “modern” SAT solvers under the prism of the first successful application of CDCL solvers, i.e., Bounded Model Checking. We trace the origin of each variable w.r.t. its unrolling depth, and show a surprising relationship between these time steps and the communities found in the CNF encoding. We also show how the VSIDS heuristic, the resolution engine, and the learning mechanism interact with the unrolling steps. Additionally, we show that the Literal Block Distance (LBD), used to identify good learnt clauses, is related to this measure. Our work shows that communities identify strong dependencies among the variables of different time steps, revealing a structure that arises when unrolling the problem, and which seems to be caught by the LBD measure.

  • 71.
    Baumann, Christoph
    et al.
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Näslund, Mats
    Ericsson Research.
    Gehrmann, Christian
    SICS Swedish ICT.
    Schwarz, Oliver
    SICS Swedish ICT.
    Thorsen, Hans
    T2Data.
    A High Assurance Virtualization Platform for ARMv8. 2016. In: Networks and Communications (EuCNC), 2016 European Conference on, IEEE conference proceedings, 2016. Conference paper (Refereed)
    Abstract [en]

    This paper presents the first results from the ongoing research project HASPOC, developing a high assurance virtualization platform for the ARMv8 CPU architecture. Formal verification at machine code level guarantees information isolation between different guest systems (e.g. OSs) running on the platform. To use the platform in networking scenarios, we allow guest systems to securely communicate with each other via platform-provided communication channels and to take exclusive control of peripherals for communication with the outside world.

    The isolation is shown to be formally equivalent to that of guests executing on physically separate platforms with dedicated communication channels crossing the air-gap. Common Criteria (CC) assurance methodology is applied by preparing the CC documentation required for an EAL6 evaluation of products using the platform. Besides the hypervisor, a secure boot component is included and verified to ensure system integrity.

  • 72.
    Baumann, Christoph
    et al.
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Schwarz, Oliver
    RISE SICS.
    Dam, Mads
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Compositional Verification of Security Properties for Embedded Execution Platforms. 2017. In: PROOFS 2017: 6th International Workshop on Security Proofs for Embedded Systems / [ed] Ulrich Kühne and Jean-Luc Danger and Sylvain Guilley, 2017, Vol. 49, p. 1-16. Conference paper (Refereed)
    Abstract [en]

    The security of embedded systems can be dramatically improved through the use of formally verified isolation mechanisms such as separation kernels, hypervisors, or microkernels. For trustworthiness, particularly for system level behaviour, the verifications need precise models of the underlying hardware. Such models are hard to attain, highly complex, and proofs of their security properties may not easily apply to similar but different platforms. This may render verification economically infeasible. To address these issues, we propose a compositional top-down approach to embedded system specification and verification, where the system-on-chip is modeled as a network of distributed automata communicating via paired synchronous message passing. Using abstract specifications for each component allows to delay the development of detailed models for cores, devices, etc., while still being able to verify high level security properties like integrity and confidentiality, and soundly refine the result for different instantiations of the abstract components at a later stage. As a case study, we apply this methodology to the verification of information flow security for an industry scale security-oriented hypervisor on the ARMv8-A platform. The hypervisor statically assigns (multiple) cores to each guest system and implements a rudimentary, but usable, inter guest communication discipline. We have completed a pen-and-paper security proof for the hypervisor down to state transition level and report on a partially completed verification of guest mode security in the HOL4 theorem prover.

  • 73. Beck, C.
    et al.
    Nordström, Jakob
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Tang, B.
    Some trade-off results for polynomial calculus. 2013. In: STOC '13 Proceedings of the 45th annual ACM symposium on Symposium on theory of computing, Association for Computing Machinery (ACM), 2013, p. 813-822. Conference paper (Refereed)
    Abstract [en]

    We present size-space trade-offs for the polynomial calculus (PC) and polynomial calculus resolution (PCR) proof systems. These are the first true size-space trade-offs in any algebraic proof system, showing that size and space cannot be simultaneously optimized in these models. We achieve this by extending essentially all known size-space trade-offs for resolution to PC and PCR. As such, our results cover space complexity from constant all the way up to exponential and yield mostly superpolynomial or even exponential size blow-ups. Since the upper bounds in our trade-offs hold for resolution, our work shows that there are formulas for which adding algebraic reasoning on top of resolution does not improve the trade-off properties in any significant way. As byproducts of our analysis, we also obtain trade-offs between space and degree in PC and PCR exactly matching analogous results for space versus width in resolution, and strengthen the resolution trade-offs in [Beame, Beck, and Impagliazzo '12] to apply also to k-CNF formulas.

  • 74. Bennett, Paul
    et al.
    Gabrilovich, Evgeniy
    Kamps, Jaap
    Karlgren, Jussi
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Report on the Sixth Workshop on Exploiting Semantic Annotations in Information Retrieval (ESAIR '13). 2014. In: SIGIR Forum, ISSN 0163-5840, E-ISSN 1558-0229, Vol. 48, no 1, p. 13-20. Article in journal (Refereed)
    Abstract [en]

    There is an increasing amount of structure on the web as a result of modern web languages, user tagging and annotation, emerging robust NLP tools, and an ever growing volume of linked data. These meaningful, semantic, annotations hold the promise to significantly enhance information access, by enhancing the depth of analysis of today's systems. Currently, we have only started exploring the possibilities and only begin to understand how these valuable semantic cues can be put to fruitful use.

    ESAIR'13 focuses on two of the most challenging aspects to address in the coming years. First, there is a need to include the currently emerging knowledge resources (such as DBpedia, Freebase) as underlying semantic model giving access to an unprecedented scope and detail of factual information. Second, there is a need to include annotations beyond the topical dimension (think of sentiment, reading level, prerequisite level, etc) that contain vital cues for matching the specific needs and profile of the searcher at hand.

    There was a strong feeling that we made substantial progress. Specifically, the discussion contributed to our understanding of the way forward. First, emerging large scale knowledge bases form a crucial component for semantic search, providing a unified framework with zillions of entities and relations. Second, in addition to low level factual annotation, non-topical annotation of larger chunks of text can provide powerful cues on the expertise of the search and (un)suitability of information. Third, novel user interfaces are key to unleash powerful structured querying enabled by semantic annotation -- the potential of rich document annotations can only be realized if matched by more articulate queries exploiting these powerful retrieval cues -- and a more dynamic approach is emerging by exploiting new forms of query autosuggest.

  • 75. Ben-Nun, J.
    et al.
    Farhi, N.
    Llewellyn, M.
    Riva, B.
    Rosen, A.
    Ta-Shma, A.
    Wikström, Douglas
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    A new implementation of a dual (paper and cryptographic) voting system. 2012. Conference paper (Refereed)
    Abstract [en]

    We report on the design and implementation of a new cryptographic voting system, designed to retain the "look and feel" of standard, paper-based voting used in our country Israel while enhancing security with end-to-end verifiability guaranteed by cryptographic voting. Our system is dual ballot and runs two voting processes in parallel: one is electronic while the other is paper-based and similar to the traditional process used in Israel. Consistency between the two processes is enforced by means of a new, specially-tailored paper ballot format. We examined the practicality and usability of our protocol through implementation and field testing in two elections: the first being a student council election with over 2000 voters, the second a political party's election for choosing their leader. We present our findings, some of which were extracted from a survey we conducted during the first election. Overall, voters trusted the system and found it comfortable to use.

  • 76. Ben-Sasson, Eli
    et al.
    Nordström, Jakob
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    A Space Hierarchy for k-DNF Resolution. 2009. In: Electronic Colloquium on Computational Complexity, ISSN 1433-8092, Vol. 16. Article in journal (Refereed)
  • 77. Ben-Sasson, Eli
    et al.
    Nordström, Jakob
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Short proofs may be spacious: An optimal separation of space and length in resolution. 2008. In: Proc. Annu. IEEE Symp. Found. Comput. Sci. FOCS, 2008, p. 709-718. Conference paper (Refereed)
    Abstract [en]

    A number of works have looked at the relationship between length and space of resolution proofs. A notorious question has been whether the existence of a short proof implies the existence of a proof that can be verified using limited space. In this paper we resolve the question by answering it negatively in the strongest possible way. We show that there are families of 6-CNF formulas of size n, for arbitrarily large n, that have resolution proofs of length O(n) but for which any proof requires space Ω(n/log n). This is the strongest asymptotic separation possible since any proof of length O(n) can always be transformed into a proof in space O(n/log n). Our result follows by reducing the space complexity of so called pebbling formulas over a directed acyclic graph to the black-white pebbling price of the graph. The proof is somewhat simpler than previous results (in particular, those reported in [Nordström 2006, Nordström and Håstad 2008]) as it uses a slightly different flavor of pebbling formulas which allows for a rather straightforward reduction of proof space to standard black-white pebbling price.

  • 78. Ben-Sasson, Eli
    et al.
    Nordström, Jakob
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Understanding Space in Resolution: Optimal Lower Bounds and Exponential Trade-offs. 2009. In: Electronic Colloquium on Computational Complexity, ISSN 1433-8092, Vol. 16. Article in journal (Refereed)
  • 79.
    Berg, Therese
    et al.
    Uppsala University, Disciplinary Domain of Science and Technology, Mathematics and Computer Science, Department of Information Technology, Computer Systems.
    Jonsson, Bengt
    Uppsala University, Disciplinary Domain of Science and Technology, Mathematics and Computer Science, Department of Information Technology, Computer Systems.
    Soleimanifard, Siavash
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Inferring Compact Models of Communication Protocol Entities. 2010. In: Leveraging Applications of Formal Methods, Verification, and Validation: Part I / [ed] Margaria, Tiziana; Steffen, Bernhard, Springer, 2010, p. 658-672. Conference paper (Refereed)
    Abstract [en]

    Our overall goal is to support model-based approaches to verification and validation of communication protocols by techniques that automatically generate models of communication protocol entities from observations of their external behavior, using techniques based on regular inference (aka automata learning). In this paper, we address the problem that existing regular inference techniques produce "flat" state machines, whereas practically useful protocol models structure the internal state in terms of control locations and state variables, and describes dynamic behavior in a suitable (abstract) programming notation. We present a technique for introducing structure of an unstructured finite-state machine by introducing state variables and program-like descriptions of dynamic behavior, given a certain amount of user guidance. Our technique groups states with "similar control behavior" into control locations, and obtain program-like descriptions by means of decision tree generation. We have applied parts of our approach to an executable state machine specification of the Mobile Arts Advanced Mobile Location Center (A-MLC) protocol and evaluated the results by comparing them to the original specification.

  • 80.
    Bergren, Max
    et al.
    Gavagai.
    Karlgren, Jussi
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Östling, Robert
    Stockholms universitet.
    Parkvall, Mikael
    Stockholms universitet.
    Inferring the location of authors from words in their texts. 2015. In: Proceedings of the 20th Nordic Conference of Computational Linguistics, Linköping University Electronic Press, 2015. Conference paper (Refereed)
    Abstract [en]

    For the purposes of computational dialectology or other geographically bound text analysis tasks, texts must be annotated with their or their authors’ location. Many texts are locatable but most have no explicit annotation of place. This paper describes a series of experiments to determine how positionally annotated microblog posts can be used to learn location indicating words which then can be used to locate blog texts and their authors. A Gaussian distribution is used to model the locational qualities of words. We introduce the notion of placeness to describe how locational words are.

    We find that modelling word distributions to account for several locations and thus several Gaussian distributions per word, defining a filter which picks out words with high placeness based on their local distributional context, and aggregating locational information in a centroid for each text gives the most useful results. The results are applied to data in the Swedish language.

  • 81. Berkholz, C.
    et al.
    Nordström, Jakob
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Supercritical space-width trade-offs for resolution. 2016. In: Leibniz International Proceedings in Informatics, LIPIcs, Schloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing, 2016. Conference paper (Refereed)
    Abstract [en]

    We show that there are CNF formulas which can be refuted in resolution in both small space and small width, but for which any small-width resolution proof must have space exceeding by far the linear worst-case upper bound. This significantly strengthens the space-width trade-offs in [Ben-Sasson 2009], and provides one more example of trade-offs in the "supercritical" regime above worst case recently identified by [Razborov 2016]. We obtain our results by using Razborov's new hardness condensation technique and combining it with the space lower bounds in [Ben-Sasson and Nordström 2008].

  • 82. Berkholz, Christoph
    et al.
    Nordström, Jakob
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Near-Optimal Lower Bounds on Quantifier Depth and Weisfeiler-Leman Refinement Steps. 2016. In: PROCEEDINGS OF THE 31ST ANNUAL ACM-IEEE SYMPOSIUM ON LOGIC IN COMPUTER SCIENCE (LICS 2016), Institute of Electrical and Electronics Engineers (IEEE), 2016, p. 267-276. Conference paper (Refereed)
    Abstract [en]

    We prove near-optimal trade-offs for quantifier depth versus number of variables in first-order logic by exhibiting pairs of n-element structures that can be distinguished by a k-variable first-order sentence but where every such sentence requires quantifier depth at least $n^{\Omega(k/\log k)}$. Our trade-offs also apply to first-order counting logic, and by the known connection to the k-dimensional Weisfeiler-Leman algorithm imply near-optimal lower bounds on the number of refinement iterations. A key component in our proof is the hardness condensation technique recently introduced by [Razborov '16] in the context of proof complexity. We apply this method to reduce the domain size of relational structures while maintaining the quantifier depth required to distinguish them.

  • 83. Beyersdorff, O.
    et al.
    Bonacina, Ilario
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Chew, L.
    Lower bounds: From circuits to QBF Proof Systems. 2016. In: ITCS 2016 - Proceedings of the 2016 ACM Conference on Innovations in Theoretical Computer Science, Association for Computing Machinery (ACM), 2016, p. 249-260. Conference paper (Refereed)
    Abstract [en]

    A general and long-standing belief in the proof complexity community asserts that there is a close connection between progress in lower bounds for Boolean circuits and progress in proof size lower bounds for strong propositional proof systems. Although there are famous examples where a transfer from ideas and techniques from circuit complexity to proof complexity has been effective, a formal connection between the two areas has never been established so far. Here we provide such a formal relation between lower bounds for circuit classes and lower bounds for Frege systems for quantified Boolean formulas (QBF). Starting from a propositional proof system P we exhibit a general method how to obtain a QBF proof system P + ∀red, which is inspired by the transition from resolution to Q-resolution. For us the most important case is a new and natural hierarchy of QBF Frege systems C-Frege + ∀red that parallels the well-studied propositional hierarchy of C-Frege systems, where lines in proofs are restricted to belong to a circuit class C. Building on earlier work for resolution [Beyersdorff, Chew, and Janota, 2015a] we establish a lower bound technique via strategy extraction that transfers arbitrary lower bounds for the circuit class C to lower bounds in C-Frege + ∀red. By using the full spectrum of state-of-the-art circuit lower bounds, our new lower bound method leads to very strong lower bounds for QBF Frege systems: (i) exponential lower bounds and separations for the QBF proof system $AC^0[p]$-Frege + ∀red for all primes p; (ii) an exponential separation of $AC^0[p]$-Frege + ∀red from $TC^0$-Frege + ∀red; (iii) an exponential separation of the hierarchy of constant-depth systems $AC^0_d$-Frege + ∀red by formulas of depth independent of d. In the propositional case, all these results correspond to major open problems.

  • 84. Beyersdorff, Olaf
    et al.
    Galesi, Nicola
    Lauria, Massimo
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    A Characterization of Tree-Like Resolution Size. 2012. In: Electronic Colloquium on Computational Complexity (ECCC), ISSN 1433-8092, no 161. Article in journal (Refereed)
    Abstract [en]

    We explain an asymmetric Prover-Delayer game which precisely characterizes proof size in tree-like Resolution. This game was previously described in a parameterized complexity context to show lower bounds for parameterized formulas [BGL11] and for the classical pigeonhole principle [BGL10]. The main point of this note is to show that the asymmetric game in fact characterizes tree-like Resolution proof size, i. e. in principle our proof method allows to always achieve the optimal lower bounds. This is in contrast with previous techniques described in the literature. We also provide a very intuitive information-theoretic interpretation of the game.

  • 85. Beyersdorff, Olaf
    et al.
    Galesi, Nicola
    Lauria, Massimo
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    A characterization of tree-like Resolution size. 2013. In: Information Processing Letters, ISSN 0020-0190, E-ISSN 1872-6119, Vol. 113, no 18, p. 666-671. Article in journal (Refereed)
    Abstract [en]

    We explain an asymmetric Prover-Delayer game which precisely characterizes proof size in tree-like Resolution. This game was previously described in a parameterized complexity context to show lower bounds for parameterized formulas (Beyersdorff et al. (2013) [2]) and for the classical pigeonhole principle (Beyersdorff et al. (2010) [1]). The main point of this note is to show that the asymmetric game in fact characterizes tree-like Resolution proof size, i.e. in principle our proof method allows to always achieve the optimal lower bounds. This is in contrast with previous techniques described in the literature. We also provide a very intuitive information-theoretic interpretation of the game.

  • 86. Beyersdorff, Olaf
    et al.
    Galesi, Nicola
    Lauria, Massimo
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Parameterized Complexity of DPLL Search Procedures. 2013. In: ACM Transactions on Computational Logic, ISSN 1529-3785, E-ISSN 1557-945X, Vol. 14, no 3, p. 20-. Article in journal (Refereed)
    Abstract [en]

    We study the performance of DPLL algorithms on parameterized problems. In particular, we investigate how difficult it is to decide whether small solutions exist for satisfiability and other combinatorial problems. For this purpose we develop a Prover-Delayer game that models the running time of DPLL procedures and we establish an information-theoretic method to obtain lower bounds to the running time of parameterized DPLL procedures. We illustrate this technique by showing lower bounds to the parameterized pigeonhole principle and to the ordering principle. As our main application we study the DPLL procedure for the problem of deciding whether a graph has a small clique. We show that proving the absence of a k-clique requires $n^{\Omega(k)}$ steps for a nontrivial distribution of graphs close to the critical threshold. For the restricted case of tree-like Parameterized Resolution, this result answers a question asked by Beyersdorff et al. [2012] of understanding the Resolution complexity of this family of formulas.

  • 87. Bhattacharya, S.
    et al.
    Henzinger, M.
    Na Nongkai, Danupon
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    New deterministic approximation algorithms for fully dynamic matching. 2016. In: STOC'16: PROCEEDINGS OF THE 48TH ANNUAL ACM SIGACT SYMPOSIUM ON THEORY OF COMPUTING, 2016, p. 398-411. Conference paper (Refereed)
    Abstract [en]

    We present two deterministic dynamic algorithms for the maximum matching problem. (1) An algorithm that maintains a (2 + ϵ)-approximate maximum matching in general graphs with O(poly(log n, 1/ϵ)) update time. (2) An algorithm that maintains an $\alpha_K$ approximation of the value of the maximum matching with $O(n^{2/K})$ update time in bipartite graphs, for every sufficiently large constant positive integer K. Here, $1 \le \alpha_K \le 2$ is a constant determined by the value of K. Result (1) is the first deterministic algorithm that can maintain an o(log n)-approximate maximum matching with polylogarithmic update time, improving the seminal result of Onak et al. [STOC 2010]. Its approximation guarantee almost matches the guarantee of the best randomized polylogarithmic update time algorithm [Baswana et al. FOCS 2011]. Result (2) achieves a better-than-two approximation with arbitrarily small polynomial update time on bipartite graphs. Previously the best update time for this problem was $O(m^{1/4})$ [Bernstein et al. ICALP 2015], where m is the current number of edges in the graph.

  • 88.
    Bhattacharya, Sayan
    et al.
    The Institute of Mathematical Sciences, Chennai, India..
    Henzinger, Monika
    Na Nongkai, Danupon
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Tsourakakis, Charalampos E.
    Harvard University.
    Space- and Time-Efficient Algorithm for Maintaining Dense Subgraphs on One-Pass Dynamic Streams. 2015. In: STOC '15 Proceedings of the Forty-Seventh Annual ACM on Symposium on Theory of Computing, ACM Press, 2015, p. 173-182. Conference paper (Refereed)
    Abstract [en]

    While in many graph mining applications it is crucial to handle a stream of updates efficiently in terms of both time and space, not much was known about achieving such type of algorithm. In this paper we study this issue for a problem which lies at the core of many graph mining applications called densest subgraph problem. We develop an algorithm that achieves time- and space-efficiency for this problem simultaneously. It is one of the first of its kind for graph problems to the best of our knowledge.

    Given an input graph, the densest subgraph is the subgraph that maximizes the ratio between the number of edges and the number of nodes. For any ε>0, our algorithm can, with high probability, maintain a (4+ε)-approximate solution under edge insertions and deletions using ~O(n) space and ~O(1) amortized time per update; here, $n$ is the number of nodes in the graph and ~O hides the O(polylog_{1+ε} n) term. The approximation ratio can be improved to (2+ε) with more time. It can be extended to a (2+ε)-approximation sublinear-time algorithm and a distributed-streaming algorithm. Our algorithm is the first streaming algorithm that can maintain the densest subgraph in one pass. Prior to this, no algorithm could do so even in the special case of an incremental stream and even when there is no time restriction. The previously best algorithm in this setting required O(log n) passes [BahmaniKV12]. The space required by our algorithm is tight up to a polylogarithmic factor.

  • 89. Bhatttacharyya, Arnab
    et al.
    Grigorescu, Elena
    Nordström, Jakob
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    On the Semantics of Local Characterizations for Linear-Invariant Properties. 2011. Article in journal (Other academic)
    Abstract [en]

    A property of functions on a vector space is said to be linear-invariant if it is closed under linear transformations of the domain. Linear-invariant properties are some of the most well-studied properties in the field of property testing. Testable linear-invariant properties can always be characterized by so-called local constraints, and of late there has been a rapidly developing body of research investigating the testability of linear-invariant properties in terms of their descriptions using such local constraints. One problematic aspect that has been largely ignored in this line of research, however, is that syntactically distinct local characterizations need not at all correspond to semantically distinct properties. In fact, there are known fairly dramatic examples where seemingly infinite families of properties collapse into a small finite set that was already well-understood. In this work, we therefore initiate a systematic study of the semantics of local characterizations of linear-invariant properties. For such properties the local characterizations have an especially nice structure in terms of forbidden patterns on linearly dependent sets of vectors, which can be encoded formally as matroid constraints. We develop techniques for determining, given two such matroid constraints, whether these constraints encode identical or distinct properties, and show for a fairly broad class of properties that these techniques provide necessary and sufficient conditions for deciding between the two cases. We use these tools to show that recent (syntactic) testability results indeed provide an infinite number of infinite strict hierarchies of (semantically) distinct testable locally characterized linear-invariant properties.

  • 90. Bhatttacharyya, Arnab
    et al.
    Grigorescu, Elena
    Nordström, Jakob
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Xie, Ning
    On the Semantics of Local Characterizations for Linear-Invariant Properties. 2011. Conference paper (Refereed)
    Abstract [en]

    A property of functions on a vector space is said to be linear-invariant if it is closed under linear transformations of the domain. Linear-invariant properties are some of the most well-studied properties in the field of property testing. Testable linear-invariant properties can always be characterized by so-called local constraints, and of late there has been a rapidly developing body of research investigating the testability of linear-invariant properties in terms of their descriptions using such local constraints. One problematic aspect that has been largely ignored in this line of research, however, is that syntactically distinct local characterizations need not at all correspond to semantically distinct properties. In fact, there are known fairly dramatic examples where seemingly infinite families of properties collapse into a small finite set that was already well-understood. In this work, we therefore initiate a systematic study of the semantics of local characterizations of linear-invariant properties. For such properties the local characterizations have an especially nice structure in terms of forbidden patterns on linearly dependent sets of vectors, which can be encoded formally as matroid constraints. We develop techniques for determining, given two such matroid constraints, whether these constraints encode identical or distinct properties, and show for a fairly broad class of properties that these techniques provide necessary and sufficient conditions for deciding between the two cases. We use these tools to show that recent (syntactic) testability results indeed provide an infinite number of infinite strict hierarchies of (semantically) distinct testable locally characterized linear-invariant properties.

  • 91. Biyani, Pravesh
    et al.
    Hagsand, Olof
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Karlsson, Gunnar
    Marsh, Ian
    Mas, Ignacio
    Early Estimation of Voice over IP Quality. 2003. Conference paper (Refereed)
    Abstract [en]

    Users of Voice over IP (VoIP) applications are sensitive to the quality of an ongoing call. We hypothesize that the quality of a VoIP session can be estimated from the first few seconds of the session and this can be generalized to other VoIP calls. Our approach is an in-band probing mechanism and does not require any external monitoring schemes or network support. We show by post processing VoIP data from globally distributed sites that it is possible to determine the quality after an initial number of seconds. One application is admission control, where it would be possible to reject poor quality calls before they are fully established.

  • 92.
    Björkman, Carl
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Computing component specifications from global system requirements. 2017. Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE credits. Student thesis
    Abstract [en]

    If we have a program with strict control flow security requirements and want to ensure system requirements by verifying properties of said program, but part of the code base is in the form of a plug-in or third party library which we do not have access to at the time of verification, the procedure presented in this thesis can be used to generate the requirements needed for the plug-ins or third party libraries that they would have to fulfil in order for the final product to pass the given system requirements.

    This thesis builds upon a transformation procedure that turns control flow properties of a behavioural form into a structural form. The control flow properties focus purely on control flow in the sense that they abstract away any kind of program data and target only call and return events. By behavioural properties we refer to properties regarding execution behaviour and by structural properties to properties regarding sequences of instructions in the source code or object code.

    The result presented in this thesis takes this transformation procedure one step further and assumes that some methods (or functions or procedures, depending on the programming language) are given in the form of models called flow graphs, while the remaining methods are left unspecified. The output then becomes a set of structural constraints for the unspecified methods, which they must adhere to in order for any completion of the partial flow graph to satisfy the behavioural formula.

  • 93. Blais, Eric
    et al.
    Håstad, Johan
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Servedio, Rocco A.
    Tan, Li-Yang
    On DNF Approximators for Monotone Boolean Functions. 2014. In: Automata, Languages, and Programming: 41st International Colloquium, ICALP 2014, Copenhagen, Denmark, July 8-11, 2014, Proceedings, Part I, Springer Berlin/Heidelberg, 2014, Vol. 8572, p. 235-246. Conference paper (Refereed)
    Abstract [en]

    We study the complexity of approximating monotone Boolean functions with disjunctive normal form (DNF) formulas, exploring two main directions. First, we construct DNF approximators for arbitrary monotone functions achieving one-sided error: we show that every monotone $f$ can be $\epsilon$-approximated by a DNF $g$ of size $2^{n-\Omega(\sqrt{n})}$ satisfying $g(x) \le f(x)$ for all $x \in \{0,1\}^n$. This is the first non-trivial universal upper bound even for DNF approximators incurring two-sided error. Next, we study the power of negations in DNF approximators for monotone functions. We exhibit monotone functions for which non-monotone DNFs perform better than monotone ones, giving separations with respect to both DNF size and width. Our results, when taken together with a classical theorem of Quine [1], highlight an interesting contrast between approximation and exact computation in the DNF complexity of monotone functions, and they add to a line of work on the surprising role of negations in monotone complexity [2,3,4].

  • 94.
    Bodriagov, Oleksandr
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Social Networks and Privacy. 2015. Licentiate thesis, comprehensive summary (Other academic)
    Abstract [en]

    Centralized online social networks pose a threat to their users’ privacy as social network providers have unlimited access to users’ data. Decentralized social networks address this problem by getting rid of the provider and giving control to the users themselves, meaning that only the end-users themselves should be able to control access of other parties to their data. While there have been several proposals and advances in the development of privacy-preserving decentralized social networks, the goal of a secure, efficient, and available social network in a decentralized setting has not been fully achieved.

    This thesis contributes to the research in the field of security for social networks with focus on decentralized social networks. It studies encryption-based access control and management of cryptographic keys/credentials (required for this access control) via user accounts with password-based login in decentralized social networks.

    First, this thesis explores the requirements of encryption for decentralized social networks and proposes a list of criteria for evaluation that is then used to assess existing encryption-based access control systems. We find that all of them provide confidentiality guarantees (of the content itself), while privacy (of information about the content or access policies) is either not addressed at all or it is addressed at the expense of system’s performance and flexibility.

    We highlight the potential of two classes of privacy preserving schemes in the decentralized online social network (DOSN) context: broadcast encryption schemes with hidden access structures and predicate encryption (PE) schemes, and propose to use them. Both of these classes contain schemes that exhibit desirable properties and better fulfill the criteria.

    Second, the thesis analyses predicate encryption and adapts it to the DOSN context as it is too expensive to use out of the box. We propose a univariate polynomial construction for access policies in PE that drastically increases performance of the scheme but leaks some part of the access policy to users with access rights. We utilize Bloom filters as a means of decreasing decryption time and indicate objects that can be decrypted by a particular user. The thesis demonstrates that the adapted scheme shows good performance and thus user experience by making a newsfeed assembly experiment.

    Third, the thesis presents a solution to the problem of management of cryptographic keys for authentication and communication between users in decentralized online social networks. We propose a password-based login procedure for the peer-to-peer (P2P) setting that allows a user who passes authentication to recover a set of cryptographic keys required for the application. In addition to password logins, we also present supporting protocols to provide functionality related to password logins, such as remembered logins, password change, and recovery of the forgotten password. The combination of these protocols allows emulating password logins in centralized systems. The results of performance evaluation indicate that time required for logging in operation is within acceptable bounds. 

  • 95.
    Bodriagov, Oleksandr
    et al.
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Buchegger, Sonja
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Encryption for Peer-to-Peer Social Networks. 2012. In: Security and Privacy in Social Networks / [ed] Altshuler, Y.; Elovici, Y.; Cremers, A.B.; Aharony, N.; Pentland, A., New York: Springer, 2012, p. 47-65. Chapter in book (Refereed)
    Abstract [en]

    To address privacy concerns over online social networking services, several decentralized alternatives have been proposed. These peer-to-peer (P2P) online social networks do not rely on centralized storage of user data. Rather, data can be stored not only on a profile owner’s computer but almost anywhere (friends’ computers, random peers from the social network, third-party external storage, etc.). Because external storage is often untrusted or only semi-trusted, encryption plays a fundamental role in the security of P2P social networks.

    Such a system needs to be efficient for use on a large scale, provide functionality for changing access rights suitable for social networks, and, most importantly, it should preserve the network’s privacy properties. That is, other than user data confidentiality, it has to protect against information leakage regarding users’ access rights and behaviors. In this paper we explore the encryption requirements for P2P social networks and propose a list of evaluation criteria that we use to compare existing approaches. We have found that none of the current P2P architectures for social networks achieve secure, efficient, 24/7 access control enforcement and data storage. They rely on trust, require constantly running servers for each user, use expensive encryption, or fail to protect the privacy of access information. In a search for solutions that better fulfill our criteria, we found that some broadcast encryption (BE) and predicate encryption (PE) schemes exhibit several desirable properties.

  • 96.
    Bodriagov, Oleksandr
    et al.
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS. KTH, School of Electrical Engineering (EES), Centres, ACCESS Linnaeus Centre.
    Buchegger, Sonja
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS. KTH, School of Electrical Engineering (EES), Centres, ACCESS Linnaeus Centre.
    Encryption for Peer-to-Peer Social Networks. 2011. Conference paper (Refereed)
    Abstract [en]

    To address privacy concerns over online social networking services, several distributed alternatives have been proposed. These peer-to-peer (P2P) online social networks do not rely on centralized storage of user data. Instead, data can be stored not only on a computer of a profile owner but almost anywhere (friends’ computers, random peers from the social network, third-party external storage, etc.). Since the external storage is often untrusted or only semi-trusted, encryption plays a fundamental role in security of P2P social networks. Encryption, however, also adds some overhead in both the time and space domains. To be scalable, a system that relies heavily on encryption should use as efficient algorithms as possible. It also needs to provide the functionality of changing access rights at reasonable cost, and, crucially, the system should preserve privacy properties itself. That is, beyond user data confidentiality, it has to protect against information leakage about users’ access rights and traffic analysis. In this paper we explore the requirements of encryption for P2P social networks in detail and propose a list of criteria for evaluation. We then compare a set of approaches from the literature according to these criteria. We find that none of the current P2P architectures for social networks manages to achieve secure, efficient, 24/7 access control enforcement and data storage. They either rely on trust, require constantly running servers for each user, use expensive encryption, or fail to protect privacy of access information. In the search for a solution that better fulfills the criteria, we found that some broadcast encryption (BE) schemes exhibit several desirable properties. We thus propose to use BE schemes with high performance encryption/decryption regardless of the number of identities/groups for an efficient encryption-based access control in the P2P environment. We define relevant properties for the BE schemes to be used in the P2P social network scenario and describe advantages that such schemes have compared to encryption techniques used in existing P2P architectures.

  • 97.
    Bodriagov, Oleksandr
    et al.
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Buchegger, Sonja
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS. KTH, School of Electrical Engineering (EES), Centres, ACCESS Linnaeus Centre.
    P2P social networks with broadcast encryption protected privacy. 2012. In: Privacy and Identity Management for Life, IFIP International Federation, 2012, p. 197-206. Conference paper (Refereed)
    Abstract [en]

    Users of centralized online social networks (OSN) do not have full control over their data. The OSN provider can collect and mine user data and intentionally or accidentally leak it to third parties. Peer-to-peer (P2P) social networks address this problem by getting rid of the central provider and giving control to the users. However, existing proposals of P2P social networks have many drawbacks: reliance on trust, expensive anonymization or encryption techniques, etc. We propose to use broadcast encryption for data protection because of its efficiency and ability to not disclose information about who can decrypt what. We present an architecture of a P2P social network that uses a composition of public-key cryptography, broadcast encryption, and symmetric cryptography. The architecture provides confidentiality and limited integrity protection. It defines privacy-preserving profiles that allow users to quickly find data encrypted for them while preventing attackers from learning who can access which data.

  • 98.
    Bodriagov, Oleksandr
    et al.
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Kreitz, Gunnar
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Buchegger, Sonja
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Access Control in Decentralized Online Social Networks: Applying a Policy-Hiding Cryptographic Scheme and Evaluating Its Performance. 2014. Conference paper (Refereed)
    Abstract [en]

    Privacy concerns in online social networking services have prompted a number of proposals for decentralized online social networks (DOSN) that remove the central provider and aim at giving the users control over their data and who can access it. This is usually done by cryptographic means. Existing DOSNs use cryptographic primitives that hide the data but reveal the access policies. At the same time, there are privacy-preserving variants of these cryptographic primitives that do not reveal access policies. They are, however, not suitable for usage in the DOSN context because of performance or storage constraints. A DOSN needs to achieve both privacy and performance to be useful. We analyze predicate encryption (PE) and adapt it to the DOSN context. We propose a univariate polynomial construction for access policies in PE that drastically increases performance of the scheme but leaks some part of the access policy to users with access rights. We utilize Bloom filters as a means of decreasing decryption time and indicate objects that can be decrypted by a particular user. We evaluate the performance of the adapted scheme in the concrete scenario of a news feed. Our PE scheme is best suited for encrypting for groups or small sets of separate identities.

  • 99. Boix, E. G.
    et al.
    Haller, Philipp
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Ricci, A.
    Varela, C.
    Message from the Chairs. 2015. In: AGERE 2015 - Proceedings of the 5th International Workshop on Programming Based on Actors, Agents, and Decentralized Control, Association for Computing Machinery (ACM), 2015. Conference paper (Refereed)
  • 100. Boix, E. G.
    et al.
    Haller, Philipp
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Ricci, A.
    Varela, C.
    Workshop preview of the 2015 workshop on programming based on actors, agents, and decentralized control (AGERE! 2015). 2015. In: SPLASH Companion 2015 - Companion Proceedings of the 2015 ACM SIGPLAN International Conference on Systems, Programming, Languages and Applications: Software for Humanity, 2015, p. 99-100. Conference paper (Refereed)
    Abstract [en]

    The AGERE! workshop focuses on programming systems, languages and applications based on actors, active/concurrent objects, agents and - more generally - high-level programming paradigms promoting a mindset of decentralized control in solving problems and developing software. The workshop is designed to cover both the theory and the practice of design and programming, bringing together researchers working on models, languages and technologies, and practitioners developing real-world systems and applications.
