检索结果-内蒙古大学图书馆

arXiv 2025年

作者： Guri, Mordechai Ben-Gurion University of the Negev Israel Department of Software and Information Systems Engineering Offensive-Cyber Research Lab

This paper presents a technique for generating sound by leveraging the electrical properties of liquid crystal displays (LCDs). The phenomenon occurs due to vibrational noise produced by capacitors within the LCD panel during rapid pixel state transitions. By modulating these transitions through specially crafted bitmap patterns projected onto the screen, we demonstrate how weak yet audible acoustic signals can be generated directly from the display. We designed, implemented, evaluated, and tested a system that repurposes the LCD as a sound-emitting device. Potential applications for this technique include low-power auditory feedback systems, short-range device communication, air-gap covert channels, secure auditory signaling, and innovative approaches to human-computer interaction. Copyright © 2025, The Authors. All rights reserved.

关键词： Liquid crystal displays

来源：评论

学校读者我要写书评

暂无评论

Counter-Samples: A Stateless Strategy to Neutralize Black Box Adversarial Attacks

arXiv

引用

arXiv 2024年

作者： Bokobza, Roey Mirsky, Yisroel Ben-Gurion University Department of Software and Information Systems Engineering Offensive AI Research Lab Israel

Our paper presents a novel defence against black box attacks, where attackers use the victim model as an oracle to craft their adversarial examples. Unlike traditional preprocessing defences that rely on sanitizing input samples, our stateless strategy counters the attack process itself. For every query we evaluate a counter-sample instead, where the counter-sample is the original sample optimized against the attacker’s objective. By countering every black box query with a targeted white box optimization, our strategy effectively introduces an asymmetry to the game to the defender’s advantage. This defence not only effectively misleads the attacker’s search for an adversarial example, it also preserves the model’s accuracy on legitimate inputs and is generic to multiple types of attacks. We demonstrate that our approach is remarkably effective against state-of-the-art black box attacks and outperforms existing defences for both the CIFAR-10 and ImageNet datasets. Additionally, we also show that the proposed defence is robust against strong adversaries as well. © 2024, CC BY-NC-ND.

关键词：

来源：评论

学校读者我要写书评

暂无评论

What Was Your Prompt? A Remote Keylogging Attack on AI Assistants

arXiv

引用

arXiv 2024年

作者： Weiss, Roy Ayzenshteyn, Daniel Amit, Guy Mirsky, Yisroel Ben-Gurion University Israel Department of Software and Information Systems Engineering Offensive AI Research Lab

AI assistants are becoming an integral part of society, used for asking advice or help in personal and confidential issues. In this paper, we unveil a novel side-channel that can be used to read encrypted responses from AI Assistants over the web: the token-length side-channel. We found that many vendors, including OpenAI and Microsoft, have this side-channel. However, inferring the content of a response from a token-length sequence alone proves challenging. This is because tokens are akin to words, and responses can be several sentences long leading to millions of grammatically correct sentences. In this paper, we show how this can be overcome by (1) utilizing the power of a large language model (LLM) to translate these sequences, (2) providing the LLM with inter-sentence context to narrow the search space and (3) performing a known-plaintext attack by fine-tuning the model on the target model’s writing style. Using these methods, we were able to accurately reconstruct 29% of an AI assistant’s responses and successfully infer the topic from 55% of them. To demonstrate the threat, we performed the attack on OpenAI’s ChatGPT-4 and Microsoft’s Copilot on both browser and API traffic. © 2024, CC BY.

关键词： Side channel attack

来源：评论

学校读者我要写书评

暂无评论

TPTO: A Transformer-PPO based Task Offloading Solution for Edge Computing Environments 29

TPTO: A Transformer-PPO based Task Offloading Solution for E...

引用

29th IEEE International Conference on Parallel and Distributed systems, ICPADS 2023

作者： Gholipour, Niloofar De Assuncao, Marcos Dias Agarwal, Pranav Gascon-Samson, Julien Buyya, Rajkumar Univ. of Quebec Dept. of Software Engineering and IT École de Technologie Supérieure Montreal Canada The Univ. of Melbourne CLOUDS Lab School of Computing and Information Systems Australia

ISBN: (纸本)9798350330717

Emerging applications in healthcare, autonomous vehicles, and wearable assistance require interactive and low-latency data analysis services. Unfortunately, cloud-centric architectures cannot fulfill the low-latency demands of these applications, as user devices are often distant from cloud data centers. Edge computing aims to reduce the latency by enabling processing tasks to be offloaded to resources located at the network's edge. However, determining which tasks must be offloaded to edge servers to reduce the latency of application requests is not trivial, especially if the tasks present dependencies. This paper proposes a Deep Reinforcement Learning (DRL) approach called TPTO, which leverages Transformer Networks and Proximal Policy Optimization (PPO) to offload dependent tasks of IoT applications in edge computing. We consider users with various preferences, where devices can offload computation to an edge server via wireless channels. Performance evaluation results demonstrate that under fat application graphs, TPTO is more effective than state-of-the-art methods, such as Greedy, HEFT, and MRLCO, by reducing latency by 30.24%, 29.61%, and 12.41%, respectively. In addition, TPTO presents a training time approximately 2.5 times faster than an existing DRL approach. © 2023 IEEE.

关键词： Edge computing reinforcement learning task offloading Transformers

来源：评论

学校读者我要写书评

暂无评论

A Unified Information Diffusion Prediction Model Based on Multi-task Learning 9th

A Unified Information Diffusion Prediction Model Based on M...

引用

19th International Conference on Advanced Data Mining and Applications, ADMA 2023

作者： Shang, Yingdan Zhou, Bin Zeng, Xiang Chen, Kai College of Computer Science and Technology National University of Defense Technology Changsha China Key Lab of Software Engineering for Complex Systems School of Computer National University of Defense Technology Changsha China

ISBN: (纸本)9783031466731

The prediction of online information diffusion trends on social networks is crucial for understanding people’s interests and concerns, and has many real-world applications in fields such as business, politics and social security. Existing research on information diffusion prediction has predominantly focused on either macro level prediction of the future popularity of online information or micro level user activation prediction. However, information diffusion prediction on micro or macro level only may lead to one-sided prediction results, and there is a lack of research on implementing micro and macro level diffusion prediction tasks at the same time. Since micro and macro level diffusion prediction tasks are related to each other, we propose a unified information diffusion model which can jointly predicting the micro level user activation probability and macro level information popularity based on multi-task learning framework. We utilize graph neural network to learn user representation from both the information cascades and social network structure. Comparing with micro and macro level baseline methods separately, the prediction results of our proposed model outperform all baseline methods and proves the effectiveness of the proposed method. © The Author(s), under exclusive license to Springer Nature Switzerland AG 2023.

关键词： Forecasting

来源：评论

学校读者我要写书评

暂无评论

PIXHELL Attack: Leaking Sensitive Information from Air-Gap Computers via ‘Singing Pixels’

arXiv

引用

arXiv 2024年

作者： Guri, Mordechai Ben-Gurion University of the Negev Department of Software and Information Systems Engineering Air-Gap Research Lab Israel

Air-gapped systems are disconnected from the Internet and other networks because they contain or process sensitive data. However, it is known that attackers can use computer speakers to leak data via sound to circumvent the air-gap defense. To cope with this threat, when highly sensitive data is involved, the prohibition of loudspeakers or audio hardware might be enforced. This measure is known as an ‘audio gap’. In this paper, we present PIXHELL, a new type of covert channel attack allowing hackers to leak information via noise generated by the pixels on the screen. No audio hardware or loudspeakers is required. Malware in the air-gap and audio-gap computers generates crafted pixel patterns that produce noise in the frequency range of 0 - 22 kHz. The malicious code exploits the sound generated by coils and capacitors to control the frequencies emanating from the screen. Acoustic signals can encode and transmit sensitive information. We present the adversarial attack model, cover related work, and provide technical background. We discuss bitmap generation and correlated acoustic signals and provide implementation details on the modulation and demodulation process. We evaluated the covert channel on various screens and tested it with different types of information. We also discuss evasion and stealth using low-brightness patterns that appear like black, turned-off screens. Finally, we propose a set of countermeasures. Our test shows that with a PIXHELL attack, textual and binary data can be exfiltrated from air-gapped, audio-gapped computers at a distance of 2m via sound modulated from LCD screens. Copyright © 2024, The Authors. All rights reserved.

关键词： Loudspeakers

来源：评论

学校读者我要写书评

暂无评论

Closing the Loop between User Stories and GUI Prototypes: An LLM-Based Assistant for Cross-Functional Integration in software Development 25

Closing the Loop between User Stories and GUI Prototypes: An...

引用

2025 CHI Conference on Human Factors in Computing systems, CHI 2025

作者： Kretzer, Felix Kolthoff, Kristian Bartelt, Christian Ponzetto, Simone Paolo Maedche, Alexander Karlsruhe Institute of Technology (KIT) Karlsruhe Germany Institute for Software and Systems Engineering Clausthal University of Technology Clausthal-Zellerfeld Germany Data and Web Science Group University of Mannheim Mannheim Germany Human-centered Systems Lab (H-lab) Karlsruhe Institute of Technology (KIT) Karlsruhe Germany

ISBN: (纸本)9798400713941

Graphical user interfaces (GUIs) are at the heart of almost every software we encounter. GUIs are often created through a collaborative effort involving UX designers, product owners, and software developers, constantly facing changing requirements. Historically, problems in GUI development include a fragmented, poorly integrated tool landscape and high synchronization efforts between stakeholders. Recent approaches suggest using large language models (LLMs) to recognize requirements fulfillment in GUIs and automatically propose new GUI components. Based on ten interviews with practitioners, this paper proposes an LLM-based assistant as a Figma plug-in that bridges the gap between user stories and GUI prototyping. We evaluated the prototype with 40 users and 40 crowd-workers, showing that the effectiveness of GUI creation is improved by using LLMs to detect requirements' completion and generate new GUI components. We derive design rationales to support cross-functional integration in software development, ensuring that our plug-in integrates well into established processes. © 2025 Copyright held by the owner/author(s).

关键词： Assistance GUI Prototypes Requirements User Stories

来源：评论

学校读者我要写书评

暂无评论

PIXHELL Attack: Leaking Sensitive Information from Air-Gap Computers via ‘Singing Pixels’

PIXHELL Attack: Leaking Sensitive Information from Air-Gap C...

引用

IEEE Annual International Computer software and Applications Conference (COMPSAC)

作者： Mordechai Guri Department of Software and Information Systems Engineering Air-Gap Research Lab Ben-Gurion University of the Negev Israel

ISBN: (数字)9798350376968

ISBN: (纸本)9798350376975

Air-gapped systems are disconnected from the Internet and other networks because they contain or process sensitive data. However, it is known that attackers can use computer speakers to leak data via sound to circumvent the air-gap defense. To cope with this threat, when highly sensitive data is involved, the prohibition of loudspeakers or audio hardware might be enforced. This measure is known as an ‘audio gap’. In this paper, we present PIXHELL, a new type of covert channel attack allowing hackers to leak information via noise generated by the pixels on the screen. No audio hardware or loudspeakers is required. Malware in the air-gap and audio-gap computers generates crafted pixel patterns that produce noise in the frequency range of 0 - 22 kHz. The malicious code exploits the sound generated by coils and capacitors to control the frequencies emanating from the screen. Acoustic signals can encode and transmit sensitive information. We present the adversarial attack model, cover related work, and provide technical background. We discuss bitmap generation and correlated acoustic signals and provide implementation details on the modulation and de-modulation process. We evaluated the covert channel on various screens and tested it with different types of information. We also discuss evasion and stealth using low-brightness patterns that appear like black, turned-off screens. Finally, we propose a set of countermeasures. Our test shows that with a PIXHELL attack, textual and binary data can be exfiltrated from air-gapped, audio-gapped computers at a distance of 2m via sound modulated from LCD screens.

关键词： Loudspeakers Portable computers OFDM Computational modeling Air gaps Noise Acoustics

来源：评论

学校读者我要写书评

暂无评论

A Dynamic Selective Parameter Sharing Mechanism Embedded with Multi-Level Reasoning Abstractions 26

A Dynamic Selective Parameter Sharing Mechanism Embedded wit...

引用

26th European Conference on Artificial Intelligence, ECAI 2023

作者： Liu, Yan He, Ying Ming, Zhong Yu, F. Richard Shenzhen Key Lab of Digital & Intelligent Technologies & Systems College of Computer Science and Software Engineering Shenzhen University China State Key Laboratory of Integrated Services Networks Xidian University China Shenzhen China

ISBN: (纸本)9781643684369

Cooperative multi-agent reinforcement learning (Co-MARL) commonly employs different parameter sharing mechanisms, such as full and partial sharing. However, imprudent application of these mechanisms can potentially constrain policy diversity and limit cooperation flexibility. Recent methods that group agents into distinct sharing categories often exhibit poor performance due to challenges in precisely differentiating agents and neglecting the issue of promoting cooperation among these categories. To address these issues, we introduce a dynamic selective parameter sharing mechanism embedded with multi-level reasoning abstractions (DSPS-MA). Our approach uses self-comparison sequences to infer agents' abstract concepts, defining the differences between agents and allowing them to dynamically select partners to share parameters based on these abstract concepts. We also design an intrinsic reward to offer comprehensive collaboration guidance for agents, and introduce a policy cosine similarity regularization term to ensure sufficient policy diversity. Empirical evaluations demonstrate that our approach yields higher returns and faster convergence than state-of-the-art methods. © 2023 The Authors.

关键词： Dynamics

来源：评论

学校读者我要写书评

暂无评论

Ppt4j: Patch Presence Test for Java Binaries 24

Ppt4j: Patch Presence Test for Java Binaries

引用

44th ACM/IEEE International Conference on software engineering, ICSE 2024

作者： Pan, Zhiyuan Hu, Xing Xia, Xin Zhan, Xian Lo, David Yang, Xiaohu Zhejiang University The State Key Laboratory of Blockchain and Data Security Hangzhou China Huawei Software Engineering Application Technology Lab Hangzhou China The Hong Kong Polytechnic University Hong Kong School of Computing and Information Systems Singapore Management University Singapore

ISBN: (纸本)9798400702174

The number of vulnerabilities reported in open source software has increased substantially in recent years. Security patches provide the necessary measures to protect software from attacks and vulnerabilities. In practice, it is difficult to identify whether patches have been integrated into software, especially if we only have binary files. Therefore, the ability to test whether a patch is applied to the target binary, a.k.a. patch presence test, is crucial for practitioners. However, it is challenging to obtain accurate semantic information from patches, which could lead to incorrect results. In this paper, we propose a new patch presence test framework named Ppt4j (Patch Presence Test forJava Binaries). Ppt4j is designed for open-source Java libraries. It takes Java binaries (i.e. bytecode files) as input, extracts semantic information from patches, and uses feature-based techniques to identify patch lines in the binaries. To evaluate the effectiveness of our proposed approach Ppt4j, we construct a dataset with binaries that include 110 vulnerabilities. The results show that Ppt4j achieves an F1 score of 98.5% with reasonable efficiency, improving the baseline by 14.2%. Furthermore, we conduct an in-the-wild evaluation of Ppt4j on JetBrains IntelliJ IDEA. The results suggest that a third-party library included in the software is not patched for two CVEs, and we have reported this potential security problem to the vendor. © 2024 ACM.

关键词： Open source software

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：