Institution

Bern University of Applied Sciences

Education, Burgdorf, Switzerland
About: Bern University of Applied Sciences is an education organization based in Burgdorf, Switzerland. It is known for research contributions in the topics: Population & Health care. The organization has 1262 authors who have published 2185 publications receiving 25950 citations.


Papers
Proceedings Article
22 May 2011
TL;DR: This paper considers the AES block cipher and presents an attack which is capable of recovering the full secret key in almost real time for AES-128, requiring only a very limited number of observed encryptions, and is the first working attack on AES implementations using compressed tables.
Abstract: Side channel attacks on cryptographic systems exploit information gained from physical implementations rather than theoretical weaknesses of a scheme. In recent years, major achievements were made for the class of so called access-driven cache attacks. Such attacks exploit the leakage of the memory locations accessed by a victim process. In this paper we consider the AES block cipher and present an attack which is capable of recovering the full secret key in almost real time for AES-128, requiring only a very limited number of observed encryptions. Unlike previous attacks, we do not require any information about the plaintext (such as its distribution, etc.). Moreover, for the first time, we also show how the plaintext can be recovered without having access to the cipher text at all. It is the first working attack on AES implementations using compressed tables. There, no efficient techniques to identify the beginning of AES rounds is known, which is the fundamental assumption underlying previous attacks. We have a fully working implementation of our attack which is able to recover AES keys after observing as little as 100 encryptions. It works against the OpenSSL 0.9.8n implementation of AES on Linux systems. Our spy process does not require any special privileges beyond those of a standard Linux user. A contribution of probably independent interest is a denial of service attack on the task scheduler of current Linux systems (CFS), which allows one to observe (on average) every single memory access of a victim process.

481 citations

Journal Article
29 Aug 2018-PeerJ
TL;DR: A random forest for spatial predictions framework (RFsp) where buffer distances from observation points are used as explanatory variables, thus incorporating geographical proximity effects into the prediction process, and appears to be especially attractive for building multivariate spatial prediction models that can be used as “knowledge engines” in various geoscience fields.
Abstract: Random forest and similar Machine Learning techniques are already used to generate spatial predictions, but spatial location of points (geography) is often ignored in the modeling process. Spatial auto-correlation, especially if still existent in the cross-validation residuals, indicates that the predictions are maybe biased, and this is suboptimal. This paper presents a random forest for spatial predictions framework (RFsp) where buffer distances from observation points are used as explanatory variables, thus incorporating geographical proximity effects into the prediction process. The RFsp framework is illustrated with examples that use textbook datasets and apply spatial and spatio-temporal prediction to numeric, binary, categorical, multivariate and spatiotemporal variables. Performance of the RFsp framework is compared with the state-of-the-art kriging techniques using fivefold cross-validation with refitting. The results show that RFsp can obtain equally accurate and unbiased predictions as different versions of kriging. Advantages of using RFsp over kriging are that it needs no rigid statistical assumptions about the distribution and stationarity of the target variable, it is more flexible towards incorporating, combining and extending covariates of different types, and it possibly yields more informative maps characterizing the prediction error. RFsp appears to be especially attractive for building multivariate spatial prediction models that can be used as "knowledge engines" in various geoscience fields. Some disadvantages of RFsp are the exponentially growing computational intensity with increase of calibration data and covariates and the high sensitivity of predictions to input data quality. 
The key to the success of the RFsp framework might be the training data quality, especially quality of spatial sampling (to minimize extrapolation problems and any type of bias in data), and quality of model validation (to ensure that accuracy is not affected by overfitting). For many data sets, especially those with lower number of points and covariates and close-to-linear relationships, model-based geostatistics can still lead to more accurate predictions than RFsp.

453 citations

Journal Article
TL;DR: Neurorehabilitation therapy including task-oriented training with an exoskeleton robot can enhance improvement of motor function in a chronically impaired paretic arm after stroke more effectively than conventional therapy.
Abstract: Background: Arm hemiparesis secondary to stroke is common and disabling. We aimed to assess whether robotic training of an affected arm with ARMin—an exoskeleton robot that allows task-specific training in three dimensions—reduces motor impairment more effectively than does conventional therapy. Methods: In a prospective, multicentre, parallel-group randomised trial, we enrolled patients who had had motor impairment for more than 6 months and moderate-to-severe arm paresis after a cerebrovascular accident who met our eligibility criteria from four centres in Switzerland. Eligible patients were randomly assigned (1:1) to receive robotic or conventional therapy using a centre-stratified randomisation procedure. For both groups, therapy was given for at least 45 min three times a week for 8 weeks (total 24 sessions). The primary outcome was change in score on the arm (upper extremity) section of the Fugl-Meyer assessment (FMA-UE). Assessors tested patients immediately before therapy, after 4 weeks of therapy, at the end of therapy, and 16 weeks and 34 weeks after start of therapy. Assessors were masked to treatment allocation, but patients, therapists, and data analysts were unmasked. Analyses were by modified intention to treat. This study is registered with ClinicalTrials.gov, number NCT00719433. Findings: Between May 4, 2009, and Sept 3, 2012, 143 individuals were tested for eligibility, of whom 77 were eligible and agreed to participate. 38 patients assigned to robotic therapy and 35 assigned to conventional therapy were included in analyses. Patients assigned to robotic therapy had significantly greater improvements in motor function in the affected arm over the course of the study as measured by FMA-UE than did those assigned to conventional therapy (F=4·1, p=0·041; mean difference in score 0·78 points, 95% CI 0·03–1·53). No serious adverse events related to the study occurred. Interpretation: Neurorehabilitation therapy including task-oriented training with an exoskeleton robot can enhance improvement of motor function in a chronically impaired paretic arm after stroke more effectively than conventional therapy. However, the absolute difference between effects of robotic and conventional therapy in our study was small and of weak significance, which leaves the clinical relevance in question. Funding: Swiss National Science Foundation and Bangerter-Rhyner Stiftung.

443 citations

Journal Article
TL;DR: These findings strongly support the concept of systematically screening medical inpatients on hospital admission regarding nutritional risk, independent of their medical condition, followed by a nutritional assessment and introduction of individualised nutritional support in patients at risk.

418 citations

Posted Content
TL;DR: In this paper, the authors present a side channel attack for AES-128, where the plaintext can be recovered without having access to the ciphertext, and their attack can be run under an unprivileged user account.
Abstract: Side channel attacks on cryptographic systems are attacks exploiting information gained from physical implementations rather than utilizing theoretical weaknesses of a scheme. In particular, during the last years, major achievements were made for the class of access-driven cache-attacks. The source of information leakage for such attacks are the locations of memory accesses performed by a victim process. In this paper we analyze the case of AES and present an attack which is capable of recovering the full secret key in almost realtime for AES-128, requiring only a very limited number of observed encryptions. Unlike most other attacks, ours neither needs to know the ciphertext, nor does it need to know any information about the plaintext (such as its distribution, etc.). Moreover, for the first time we also show how the plaintext can be recovered without having access to the ciphertext. Further, our spy process can be run under an unprivileged user account. It is the first working attack for implementations using compressed tables, where it is not possible to find out the beginning of AES rounds any more – a corner stone for all efficient previous attacks. All results of our attack have been demonstrated by a fully working implementation, and do not solely rely on theoretical considerations or simulations. A contribution of probably independent interest is a denial of service attack on the scheduler of current Linux systems (CFS), which allows to monitor memory accesses with novelly high precision. Finally, we give some generalizations of our attack, and suggest some possible countermeasures which would render our attack impossible.
Keywords: AES; side channel; access-based cache-attacks

371 citations


Authors

Showing all 1325 results

Name | H-index | Papers | Citations
Tao Li | 102 | 2483 | 60947
Renato Zenobi | 76 | 605 | 25501
Thomas Brunner | 75 | 448 | 23438
Thierry Carrel | 70 | 683 | 21090
Barbara Rothen-Rutishauser | 70 | 339 | 17348
Robert Riener | 61 | 454 | 15322
Stefan M. Schmid | 61 | 185 | 15412
Peter Gehr | 60 | 181 | 13064
Kenneth J. Hunt | 45 | 285 | 8247
Tosso Leeb | 45 | 401 | 8720
Stefan Schmid | 45 | 561 | 9088
Eling D. de Bruin | 41 | 172 | 5453
Athanasios G. Konstandopoulos | 40 | 219 | 5550
Cord Drögemüller | 37 | 291 | 4965
David Faeh | 36 | 102 | 12315

Network Information
Related Institutions (5)
Technische Universität München
123.4K papers, 4M citations

87% related

Norwegian University of Science and Technology
68.9K papers, 1.9M citations

87% related

RWTH Aachen University
96.2K papers, 2.5M citations

87% related

Katholieke Universiteit Leuven
176.5K papers, 6.2M citations

86% related

Ghent University
111K papers, 3.7M citations

86% related

Performance
Metrics
No. of papers from the Institution in previous years
Year | Papers
2023 | 41
2022 | 50
2021 | 299
2020 | 251
2019 | 252
2018 | 204