-
Heckler: Breaking Confidential VMs with Malicious Interrupts
Authors:
Benedict Schlüter,
Supraja Sridhara,
Mark Kuhne,
Andrin Bertschi,
Shweta Shinde
Abstract:
Hardware-based Trusted execution environments (TEEs) offer an isolation granularity of virtual machine abstraction. They provide confidential VMs (CVMs) that host security-sensitive code and data. AMD SEV-SNP and Intel TDX enable CVMs and are now available on popular cloud platforms. The untrusted hypervisor in these settings is in control of several resource management and configuration tasks, in…
▽ More
Hardware-based Trusted execution environments (TEEs) offer an isolation granularity of virtual machine abstraction. They provide confidential VMs (CVMs) that host security-sensitive code and data. AMD SEV-SNP and Intel TDX enable CVMs and are now available on popular cloud platforms. The untrusted hypervisor in these settings is in control of several resource management and configuration tasks, including interrupts. We present Heckler, a new attack wherein the hypervisor injects malicious non-timer interrupts to break the confidentiality and integrity of CVMs. Our insight is to use the interrupt handlers that have global effects, such that we can manipulate a CVM's register states to change the data and control flow. With AMD SEV-SNP and Intel TDX, we demonstrate Heckler on OpenSSH and sudo to bypass authentication. On AMD SEV-SNP we break execution integrity of C, Java, and Julia applications that perform statistical and text analysis. We explain the gaps in current defenses and outline guidelines for future defenses.
△ Less
Submitted 4 April, 2024;
originally announced April 2024.
-
Hydrogen bonding in water under extreme confinement unveiled by nanoscale vibrational spectroscopy and simulations
Authors:
Xintong Xu,
Xin **,
Matthias Kuehne,
De-Liang Bao,
Joel Martis,
Yu-Ming Tu,
Cody L. Ritt,
Juan Carlos Idrobo,
Michael S. Strano,
Arun Majumdar,
Sokrates T. Pantelides,
Jordan A. Hachtel
Abstract:
Fluids under extreme confinement exhibit distinctly new properties compared to their bulk analogs. Understanding the structure and intermolecular bonding of confined water lays the foundation for creating and improving applications at the water-energy nexus. However, probing confined water experimentally at the length scale of intermolecular and surface forces has remained a challenge. Here, we re…
▽ More
Fluids under extreme confinement exhibit distinctly new properties compared to their bulk analogs. Understanding the structure and intermolecular bonding of confined water lays the foundation for creating and improving applications at the water-energy nexus. However, probing confined water experimentally at the length scale of intermolecular and surface forces has remained a challenge. Here, we report a combined experiment/theory framework to reveal changes in H-bonding environment and the underlying molecular structure of confined water inside individual carbon nanotubes. H-bonding is directly probed through the O-H stretch frequency with vibrational electron energy-loss spectroscopy and compared to spectra from molecular-dynamics simulations based on density-functional-theory. Experimental spectra show that water in larger carbon nanotubes exhibit the bonded O-H vibrations of bulk water, but at smaller diameters, the frequency blueshifts to near the 'free' O-H stretch found in water vapor and hydrophobic surfaces. The matching simulations reveal that, in addition to steric confinement, the tube's vibrations play a key role in breaking up the H-bond network, resulting in an orientationally-dispersed, non-H-bonded phase. Furthermore, the temperature-dependence of the vibrations is investigated, providing insights into phase transitions and the confined-water density. This research demonstrates the potential of the experiment/theory framework to explore unprecedented aspects of structure and bonding in confined fluids.
△ Less
Submitted 27 February, 2024;
originally announced February 2024.
-
ACAI: Protecting Accelerator Execution with Arm Confidential Computing Architecture
Authors:
Supraja Sridhara,
Andrin Bertschi,
Benedict Schlüter,
Mark Kuhne,
Fabio Aliberti,
Shweta Shinde
Abstract:
Trusted execution environments in several existing and upcoming CPUs demonstrate the success of confidential computing, with the caveat that tenants cannot securely use accelerators such as GPUs and FPGAs. In this paper, we reconsider the Arm Confidential Computing Architecture (CCA) design, an upcoming TEE feature in Armv9-A, to address this gap. We observe that CCA offers the right abstraction a…
▽ More
Trusted execution environments in several existing and upcoming CPUs demonstrate the success of confidential computing, with the caveat that tenants cannot securely use accelerators such as GPUs and FPGAs. In this paper, we reconsider the Arm Confidential Computing Architecture (CCA) design, an upcoming TEE feature in Armv9-A, to address this gap. We observe that CCA offers the right abstraction and mechanisms to allow confidential VMs to use accelerators as a first-class abstraction. We build ACAI, a CCA-based solution, with a principled approach of extending CCA security invariants to device-side access to address several critical security gaps. Our experimental results on GPU and FPGA demonstrate the feasibility of ACAI while maintaining security guarantees.
△ Less
Submitted 25 October, 2023; v1 submitted 25 May, 2023;
originally announced May 2023.
-
It's TEEtime: A New Architecture Bringing Sovereignty to Smartphones
Authors:
Friederike Groschupp,
Mark Kuhne,
Moritz Schneider,
Ivan Puddu,
Shweta Shinde,
Srdjan Capkun
Abstract:
Modern smartphones are complex systems in which control over phone resources is exercised by phone manufacturers, OS vendors, and users. These stakeholders have diverse and often competing interests. Barring some exceptions, users entrust their security and privacy to OS vendors (Android and iOS) and need to accept their constraints. Manufacturers protect their firmware and peripherals from the OS…
▽ More
Modern smartphones are complex systems in which control over phone resources is exercised by phone manufacturers, OS vendors, and users. These stakeholders have diverse and often competing interests. Barring some exceptions, users entrust their security and privacy to OS vendors (Android and iOS) and need to accept their constraints. Manufacturers protect their firmware and peripherals from the OS by executing in the highest privilege and leveraging dedicated CPUs and TEEs. OS vendors need to trust the highest privileged code deployed by manufacturers. This division of control over the phone is not ideal for OS vendors and is even more disadvantageous for the users. Users are generally limited in what applications they can install on their devices, in the privacy model and trust assumptions of the existing applications, and in the functionalities that applications can have.
We propose TEEtime, a new smartphone architecture based on trusted execution allowing to balance the control different stakeholders exert over phones. More leveled control over the phone means that no stakeholder is more privileged than the others. In particular, TEEtime makes users sovereign over their phones: It enables them to install sensitive applications in isolated domains with protected access to selected peripherals alongside an OS. TEEtime achieves this while maintaining compatibility with the existing smartphone ecosystem and without relying on virtualization; it only assumes trust in a phone's firmware. TEEtime is the first TEE architecture that allows isolated execution domains to gain protected and direct access to peripherals. TEEtime is based on Armv8-A and achieves peripheral isolation using a novel mechanism based on memory and interrupt controller protection. We demonstrate the feasibility of our design by implementing a prototype of TEEtime, and by running exemplary sensitive applications.
△ Less
Submitted 28 June, 2023; v1 submitted 9 November, 2022;
originally announced November 2022.
-
Data-Driven Process Optimization of Fused Filament Fabrication based on In Situ Measurements
Authors:
Xavier Guidetti,
Marino Kühne,
Yannick Nagel,
Efe C. Balta,
Alisa Rupenyan,
John Lygeros
Abstract:
The tuning of fused filament fabrication parameters is notoriously challenging. We propose an autonomous data-driven method to select parameters based on in situ measurements. We use a laser sensor to evaluate the surface roughness of a printed part. We then correlate the roughness to the mechanical properties of the part, and show how print quality affects mechanical performance. Finally, we use…
▽ More
The tuning of fused filament fabrication parameters is notoriously challenging. We propose an autonomous data-driven method to select parameters based on in situ measurements. We use a laser sensor to evaluate the surface roughness of a printed part. We then correlate the roughness to the mechanical properties of the part, and show how print quality affects mechanical performance. Finally, we use Bayesian optimization to search for optimal print parameters. We demonstrate our method by printing liquid crystal polymer samples, and successfully find parameters that produce high-performance prints and maximize the manufacturing process efficiency.
△ Less
Submitted 27 October, 2022;
originally announced October 2022.
-
An Irreversible Synthetic Route to an Ultra-Strong Two-Dimensional Polymer
Authors:
Yuwen Zeng,
Pavlo Gordiichuk,
Takeo Ichihara,
Ge Zhang,
Xun Gong,
Sandoz-Rosado Emil,
Eric D. Wetzel,
Jason Tresback,
**g Yang,
Zhongyue Yang,
Daichi Kozawa,
Matthias Kuehne,
**wei Liu,
Albert Tianxiang Liu,
**gfan Yang,
Heather J. Kulik,
Michael S. Strano
Abstract:
Polymers that extend covalently in two dimensions have attracted recent attention as a means of combining the mechanical strength and in-plane energy conduction of conventional two-dimensional (2D) materials with the low densities, synthetic processability, and organic composition of their one-dimensional counterparts. Efforts to date have proven successful in forms that do not allow full realizat…
▽ More
Polymers that extend covalently in two dimensions have attracted recent attention as a means of combining the mechanical strength and in-plane energy conduction of conventional two-dimensional (2D) materials with the low densities, synthetic processability, and organic composition of their one-dimensional counterparts. Efforts to date have proven successful in forms that do not allow full realization of these properties, such as polymerization at flat interfaces or fixation of monomers in immobilized lattices. A frequently employed synthetic approach is to introduce microscopic reversibility, at the cost of bond stability, to achieve 2D crystals after extensive error correction. Herein we demonstrate a synthetic route to 2D irreversible polycondensation directly in the solution phase, resulting in covalently bonded 2D polymer platelets that are chemically stable and highly processable. Further fabrication offers highly oriented, free-standing films which exhibit exceptional 2D elastic modulus and yield strength at 50.9 +- 15.0 GPa and 0.976 +- 0.113 GPa, respectively. Platelet alignment is evidenced by polarized photoluminescence centered at 580 and 680 nm from different dipole transitions. This new synthetic route provides opportunities for 2D polymers in applications ranging from composite structures to molecular sieving membranes.
△ Less
Submitted 25 March, 2021;
originally announced March 2021.
-
WestDrive X LoopAR: An open-access virtual reality project in Unity for evaluating user interaction methods during TOR
Authors:
Farbod N. Nezami,
Maximilian A. Wächter,
Nora Maleki,
Philipp Spaniol,
Lea M. Kühne,
Anke Haas,
Johannes M. **el,
Linus Tiemann,
Frederik Nienhaus,
Lynn Keller,
Sabine König,
Peter König,
Gordon Pipa
Abstract:
With the further development of highly automated vehicles, drivers will engage in non-related tasks while being driven. Still, drivers have to take over control when requested by the car. Here the question arises, how potentially distracted drivers get back into the control-loop quickly and safely when the car requests a takeover. To investigate effective human-machine interactions in mobile, vers…
▽ More
With the further development of highly automated vehicles, drivers will engage in non-related tasks while being driven. Still, drivers have to take over control when requested by the car. Here the question arises, how potentially distracted drivers get back into the control-loop quickly and safely when the car requests a takeover. To investigate effective human-machine interactions in mobile, versatile, and cost-efficient setup is needed. We developed a virtual reality toolkit for the Unity 3D game engine containing all necessary code and assets to enable fast adaptations to various human-machine interaction experiments, including close monitoring of the subject. The presented project contains all needed functionalities for realistic traffic behavior, cars, and pedestrians, as well as a large, open-source, scriptable, and modular VR environment. It covers roughly 25 square km, a package of 125 animated pedestrians and numerous vehicles, including motorbikes, trucks, and cars. It also contains all needed nature assets to make it both highly dynamic and realistic. The presented repository contains a C++ library made for LoopAR that enables force feedback for gaming steering wheels as a fully supported component. It also includes All necessary scripts for eye-tracking in the used devices. All main functions are integrated into the graphical user interface of the Unity Editor or are available as prefab variants to ease the use of the embedded functionalities. The primary purpose of this project is to serve as open access, cost-efficient toolkit that enables interested researchers to conduct realistic virtual reality research studies without costly and immobile simulators.
△ Less
Submitted 22 December, 2020;
originally announced December 2020.
-
Constructing a Highlight Classifier with an Attention Based LSTM Neural Network
Authors:
Michael Kuehne,
Marius Radu
Abstract:
Data is being produced in larger quantities than ever before in human history. It's only natural to expect a rise in demand for technology that aids humans in sifting through and analyzing this inexhaustible supply of information. This need exists in the market research industry, where large amounts of consumer research data is collected through video recordings. At present, the standard method fo…
▽ More
Data is being produced in larger quantities than ever before in human history. It's only natural to expect a rise in demand for technology that aids humans in sifting through and analyzing this inexhaustible supply of information. This need exists in the market research industry, where large amounts of consumer research data is collected through video recordings. At present, the standard method for analyzing video data is human labor. Market researchers manually review the vast majority of consumer research video in order to identify relevant portions - highlights. The industry state of the art turnaround ratio is 2.2 - for every hour of video content 2.2 hours of manpower are required. In this study we present a novel approach for NLP-based highlight identification and extraction based on a supervised learning model that aides market researchers in sifting through their data. Our approach hinges on a manually curated user-generated highlight clips constructed from long and short-form video data. The problem is best suited for an NLP approach due to the availability of video transcription. We evaluate multiple classes of models, from gradient boosting to recurrent neural networks, comparing their performance in extraction and identification of highlights. The best performing models are then evaluated using four sampling methods designed to analyze documents much larger than the maximum input length of the classifiers. We report very high performances for the standalone classifiers, ROC AUC scores in the range 0.93-0.94, but observe a significant drop in effectiveness when evaluated on large documents. Based on our results we suggest combinations of models/sampling algorithms for various use cases.
△ Less
Submitted 12 February, 2020;
originally announced February 2020.
-
Observation and Spectral Assignment of a Family of Hexagonal Boron Nitride Lattice Defects
Authors:
Daichi Kozawa,
Ananth Govind Rajan,
Sylvia Xin Li,
Takeo Ichihara,
Volodymyr B. Koman,
Yuwen Zeng,
Matthias Kuehne,
Satish Kumar Iyemperumal,
Kevin S. Silmore,
Dorsa Parviz,
**wei Liu,
Albert Tianxiang Liu,
Samuel Faucher,
Zhe Yuan,
Wenshuo Xu,
Jamie H. Warner,
Daniel Blankschtein,
Michael S. Strano
Abstract:
Atomic vacancy defects in single unit cell thick hexagonal boron nitride are of significant interest because of their photophysical properties, including single-photon emission, and promising applications in quantum communication and computation. The spectroscopic assignment of emission energies to specific atomic vacancies within the triangular lattice is confounded by the exponential scaling of…
▽ More
Atomic vacancy defects in single unit cell thick hexagonal boron nitride are of significant interest because of their photophysical properties, including single-photon emission, and promising applications in quantum communication and computation. The spectroscopic assignment of emission energies to specific atomic vacancies within the triangular lattice is confounded by the exponential scaling of defect candidates with the number of removed atoms. Herein, we collect more than 1000 spectra consisting of single, isolated zero-phonon lines between 1.69 and 2.25 eV, observing 6 quantized zero-phonon lines arising from hexagonal boron nitride vacancies. A newly developed computational framework for isomer cataloguing significantly narrows the number of candidate vacancies. Direct lattice imaging of hexagonal boron nitride, electronic structure calculations, and subsequent boric acid etching are used to definitively assign the 6 features. Systematic chemical etching supports the assignment by demonstrating the sequence of growth of successively larger vacancy centres from smaller ones, with the defects including a single B vacancy and a 16-atom triangular defect. These features exhibit a range of emission lifetimes from 1 to 6 ns, and phonon sidebands offset by the dominant lattice phonon in hexagonal boron nitride near 1370 cm-1. This assignment should significantly advance the solid-state chemistry and photophysics of such vacancy emitters.
△ Less
Submitted 28 September, 2019; v1 submitted 25 September, 2019;
originally announced September 2019.
-
Ultrafast lithium diffusion in bilayer graphene
Authors:
M. Kühne,
F. Paolucci,
J. Popovic,
P. M. Ostrovsky,
J. Maier,
J. H. Smet
Abstract:
Solid mixed conductors with significant ionic as well as electronic conduction play a pivotal role for mass transfer and storage as required in battery electrodes. Single-phase materials with simultaneously high electronic and ionic conductivity at room temperature are hard to come by and therefore multi-phase systems with separate ion and electron channels have been put forward instead. Here, we…
▽ More
Solid mixed conductors with significant ionic as well as electronic conduction play a pivotal role for mass transfer and storage as required in battery electrodes. Single-phase materials with simultaneously high electronic and ionic conductivity at room temperature are hard to come by and therefore multi-phase systems with separate ion and electron channels have been put forward instead. Here, we explore bilayer graphene as a true single phase mixed conductor and demonstrate ultrafast lithium diffusion exceeding diffusion in bulk graphite by an order of magnitude and even surpassing diffusion of sodium chloride in liquid water. To this end, an innovative electrochemical cell architecture has been developed where the redox-reaction forcing lithium intercalation is localized at a protrusion of the device only. Its remainder consists of pristine bilayer graphene unperturbed by an electrolyte. The geometry lends itself to the use of magnetotransport machinery known from mesoscopic low-dimensional physics. Time dependent Hall measurements across spatially displaced Hall probes deliver a direct view on the in-plane diffusion kinetics. The device layout with a perimeterial electrochemical cell is transferable to other 2D materials as well as thin films and may promote a paradigm shift on the use of electrolytes in on-chip experiments.
△ Less
Submitted 9 January, 2017;
originally announced January 2017.
-
Circular dichroism of magneto-phonon resonance in doped graphene
Authors:
P. Kossacki,
C. Faugeras,
M. Kühne,
M. Orlita,
A. Mahmood,
E. Dujardin,
R. R. Nair,
A. K. Geim,
M. Potemski
Abstract:
Polarization resolved, Raman scattering response due to E$_{2g}$ phonon in monolayer graphene has been investigated in magnetic fields up to 29 T. The hybridization of the E$_{2g}$ phonon with only the fundamental inter Landau level excitation (involving the n=0 Landau level) is observed and only in one of the two configurations of the circularly crossed polarized excitation and scattered light. T…
▽ More
Polarization resolved, Raman scattering response due to E$_{2g}$ phonon in monolayer graphene has been investigated in magnetic fields up to 29 T. The hybridization of the E$_{2g}$ phonon with only the fundamental inter Landau level excitation (involving the n=0 Landau level) is observed and only in one of the two configurations of the circularly crossed polarized excitation and scattered light. This polarization anisotropy of the magneto-phonon resonance is shown to be inherent to relatively strongly doped graphene samples, with carrier concentration typical for graphene deposited on SiO$_2$.
△ Less
Submitted 4 November, 2012; v1 submitted 30 July, 2012;
originally announced July 2012.
-
Electronic excitations and electron-phonon coupling in bulk graphite through Raman scattering in high magnetic fields
Authors:
P. Kossacki,
C. Faugeras,
M. Kühne,
M. Orlita,
A. A. L. Nicolet,
J. M. Schneider,
D. M. Basko,
Y. I. Latyshev,
M. Potemski
Abstract:
We use polarized magneto-Raman scattering to study purely electronic excitations and the electron-phonon coupling in bulk graphite. At a temperature of 4.2 K and in magnetic fields up to 28 T we observe $K$-point electronic excitations involving Landau bands with $Δ|n|=0$ and with $Δ|n|=\pm2$ that can be selected by controlling the angular momentum of the excitation laser and of the scattered ligh…
▽ More
We use polarized magneto-Raman scattering to study purely electronic excitations and the electron-phonon coupling in bulk graphite. At a temperature of 4.2 K and in magnetic fields up to 28 T we observe $K$-point electronic excitations involving Landau bands with $Δ|n|=0$ and with $Δ|n|=\pm2$ that can be selected by controlling the angular momentum of the excitation laser and of the scattered light. The magneto-phonon effect involving the $E_{2g}$ optical phonon and $K$-point inter Landau bands electronic excitations with $Δ|n|=\pm1$ is revealed and analyzed within a model taking into account the full $k_z$ dispersion. These polarization resolved results are explained in the frame of the Slonczewski-Weiss-McClure (SWM) model which directly allows to quantify the electron-hole asymmetry.
△ Less
Submitted 19 October, 2011;
originally announced October 2011.
-
Magneto-Raman scattering of graphene on graphite: Electronic and phonon excitations
Authors:
C. Faugeras,
M. Amado,
P. Kossacki,
M. Orlita,
M. Kühne,
A. A. L. Nicolet,
Yu. I. Latyshev,
M. Potemski
Abstract:
Magneto-Raman scattering experiments from the surface of graphite reveal novel features associated to purely electronic excitations which are observed in addition to phonon-mediated resonances. Graphene-like and graphite domains are identified through experiments with $\sim 1μm$ spatial resolution performed in magnetic fields up to 32T. Polarization resolved measurements emphasize the characterist…
▽ More
Magneto-Raman scattering experiments from the surface of graphite reveal novel features associated to purely electronic excitations which are observed in addition to phonon-mediated resonances. Graphene-like and graphite domains are identified through experiments with $\sim 1μm$ spatial resolution performed in magnetic fields up to 32T. Polarization resolved measurements emphasize the characteristic selection rules for electronic transitions in graphene. Graphene on graphite displays the unexpected hybridization between optical phonon and symmetric across the Dirac point inter Landau level transitions. The results open new experimental possibilities - to use light scattering methods in studies of graphene under quantum Hall effect conditions.
△ Less
Submitted 11 July, 2011; v1 submitted 10 January, 2011;
originally announced January 2011.
-
On the Communication of Scientific Results: The Full-Metadata Format
Authors:
Moritz Riede,
Rico Schueppel,
Kristian O. Sylvester-Hvid,
Martin Kuehne,
Michael C. Roettger,
Klaus Zimmermann,
Andreas W. Liehr
Abstract:
In this paper, we introduce a scientific format for text-based data files, which facilitates storing and communicating tabular data sets. The so-called Full-Metadata Format builds on the widely used INI-standard and is based on four principles: readable self-documentation, flexible structure, fail-safe compatibility, and searchability. As a consequence, all metadata required to interpret the tab…
▽ More
In this paper, we introduce a scientific format for text-based data files, which facilitates storing and communicating tabular data sets. The so-called Full-Metadata Format builds on the widely used INI-standard and is based on four principles: readable self-documentation, flexible structure, fail-safe compatibility, and searchability. As a consequence, all metadata required to interpret the tabular data are stored in the same file, allowing for the automated generation of publication-ready tables and graphs and the semantic searchability of data file collections. The Full-Metadata Format is introduced on the basis of three comprehensive examples. The complete format and syntax is given in the appendix.
△ Less
Submitted 8 April, 2009;
originally announced April 2009.
