-
Value Improved Actor Critic Algorithms
Authors:
Yaniv Oren,
Moritz A. Zanger,
Pascal R. van der Vaart,
Matthijs T. J. Spaan,
Wendelin Bohmer
Abstract:
Many modern reinforcement learning algorithms build on the actor-critic (AC) framework: iterative improvement of a policy (the actor) using policy improvement operators and iterative approximation of the policy's value (the critic). In contrast, the popular value-based algorithm family employs improvement operators in the value update, to iteratively improve the value function directly. In this wo…
▽ More
Many modern reinforcement learning algorithms build on the actor-critic (AC) framework: iterative improvement of a policy (the actor) using policy improvement operators and iterative approximation of the policy's value (the critic). In contrast, the popular value-based algorithm family employs improvement operators in the value update, to iteratively improve the value function directly. In this work, we propose a general extension to the AC framework that employs two separate improvement operators: one applied to the policy in the spirit of policy-based algorithms and one applied to the value in the spirit of value-based algorithms, which we dub Value-Improved AC (VI-AC). We design two practical VI-AC algorithms based in the popular online off-policy AC algorithms TD3 and DDPG. We evaluate VI-TD3 and VI-DDPG in the Mujoco benchmark and find that both improve upon or match the performance of their respective baselines in all environments tested.
△ Less
Submitted 3 June, 2024;
originally announced June 2024.
-
Sunyaev-Zeldovich Signals from $L^*$ Galaxies: Observations, Analytics, and Simulations
Authors:
Yossi Oren,
Amiel Sternberg,
Christopher F. McKee,
Yakov Faerman,
Shy Genel
Abstract:
We analyze measurements of the thermal Sunyaev-Zeldovich (tSZ) effect arising in the circumgalactic medium (CGM) of $L^*$ galaxies, reported by Bregman et al. 2022 and Das et al. 2023. In our analysis we use the Faerman et al. 2017 and Faerman et al. 2020 CGM models, a new power-law model (PLM), and the TNG100 simulation. For a given $M_{\rm vir}$, our PLM has four parameters; the fraction,…
▽ More
We analyze measurements of the thermal Sunyaev-Zeldovich (tSZ) effect arising in the circumgalactic medium (CGM) of $L^*$ galaxies, reported by Bregman et al. 2022 and Das et al. 2023. In our analysis we use the Faerman et al. 2017 and Faerman et al. 2020 CGM models, a new power-law model (PLM), and the TNG100 simulation. For a given $M_{\rm vir}$, our PLM has four parameters; the fraction, $f_{\rm hCGM}$, of the halo baryon mass in hot CGM gas, the ratio, $φ_T$, of the actual gas temperature at the virial radius to the virial temperature, and the power-law indicies, $a_{P,{\rm th}}$ and $a_n$ for the thermal electron pressure and the hydrogen nucleon density. The B+22 Compton-$y$ profile implies steep electron pressure slopes ($a_{P,{\rm th}}\simeq 2$). For isothermal conditions the temperature is at least $1.1\times 10^6$ K, with a hot CGM gas mass of up to $3.5\times 10^{11}$ M$_\odot$ for a virial mass of $2.75\times 10^{12}$ M$_\odot$. However, if isothermal the gas must be expanding out of the halos. An isentropic equation of state is favored for which hydrostatic equilibrium is possible. The B+22 and D+23 results are consistent with each other and with recent (0.5-2 keV) CGM X-ray observations by Zhang et al. 2024 of Milky Way mass systems. For $M_{\rm vir}\simeq 3\times 10^{12}$ M$_\odot$, the scaled Compton pressure integrals, $E(z)^{-2/3}Y_{500}/M_{\rm vir,12}^{5/3}$, lie in the narrow range, $2.5\times 10^{-4}$ to $5.0\times 10^{-4}$ kpc$^2$, for all three sets of observations. TNG100 underpredicts the tSZ parameters by factors $\sim 0.5$ dex for the $L^*$ galaxies, suggesting that the feedback strengths and CGM gas losses are overestimated in the simulated halos at these mass scales.
△ Less
Submitted 14 March, 2024;
originally announced March 2024.
-
Proving Test Set Contamination in Black Box Language Models
Authors:
Yonatan Oren,
Nicole Meister,
Niladri Chatterji,
Faisal Ladhak,
Tatsunori B. Hashimoto
Abstract:
Large language models are trained on vast amounts of internet data, prompting concerns and speculation that they have memorized public benchmarks. Going from speculation to proof of contamination is challenging, as the pretraining data used by proprietary models are often not publicly accessible. We show that it is possible to provide provable guarantees of test set contamination in language model…
▽ More
Large language models are trained on vast amounts of internet data, prompting concerns and speculation that they have memorized public benchmarks. Going from speculation to proof of contamination is challenging, as the pretraining data used by proprietary models are often not publicly accessible. We show that it is possible to provide provable guarantees of test set contamination in language models without access to pretraining data or model weights. Our approach leverages the fact that when there is no data contamination, all orderings of an exchangeable benchmark should be equally likely. In contrast, the tendency for language models to memorize example order means that a contaminated language model will find certain canonical orderings to be much more likely than others. Our test flags potential contamination whenever the likelihood of a canonically ordered benchmark dataset is significantly higher than the likelihood after shuffling the examples. We demonstrate that our procedure is sensitive enough to reliably prove test set contamination in challenging situations, including models as small as 1.4 billion parameters, on small test sets of only 1000 examples, and datasets that appear only a few times in the pretraining corpus. Using our test, we audit five popular publicly accessible language models for test set contamination and find little evidence for pervasive contamination.
△ Less
Submitted 23 November, 2023; v1 submitted 26 October, 2023;
originally announced October 2023.
-
E-MCTS: Deep Exploration in Model-Based Reinforcement Learning by Planning with Epistemic Uncertainty
Authors:
Yaniv Oren,
Matthijs T. J. Spaan,
Wendelin Böhmer
Abstract:
One of the most well-studied and highly performing planning approaches used in Model-Based Reinforcement Learning (MBRL) is Monte-Carlo Tree Search (MCTS). Key challenges of MCTS-based MBRL methods remain dedicated deep exploration and reliability in the face of the unknown, and both challenges can be alleviated through principled epistemic uncertainty estimation in the predictions of MCTS. We pre…
▽ More
One of the most well-studied and highly performing planning approaches used in Model-Based Reinforcement Learning (MBRL) is Monte-Carlo Tree Search (MCTS). Key challenges of MCTS-based MBRL methods remain dedicated deep exploration and reliability in the face of the unknown, and both challenges can be alleviated through principled epistemic uncertainty estimation in the predictions of MCTS. We present two main contributions: First, we develop methodology to propagate epistemic uncertainty in MCTS, enabling agents to estimate the epistemic uncertainty in their predictions. Second, we utilize the propagated uncertainty for a novel deep exploration algorithm by explicitly planning to explore. We incorporate our approach into variations of MCTS-based MBRL approaches with learned and provided dynamics models, and empirically show deep exploration through successful epistemic uncertainty estimation achieved by our approach. We compare to a non-planning-based deep-exploration baseline, and demonstrate that planning with epistemic MCTS significantly outperforms non-planning based exploration in the investigated deep exploration benchmark.
△ Less
Submitted 30 August, 2023; v1 submitted 21 October, 2022;
originally announced October 2022.
-
DRAWNAPART: A Device Identification Technique based on Remote GPU Fingerprinting
Authors:
Tomer Laor,
Naif Mehanna,
Antonin Durey,
Vitaly Dyadyuk,
Pierre Laperdrix,
Clémentine Maurice,
Yossi Oren,
Romain Rouvoy,
Walter Rudametkin,
Yuval Yarom
Abstract:
Browser fingerprinting aims to identify users or their devices, through scripts that execute in the users' browser and collect information on software or hardware characteristics. It is used to track users or as an additional means of identification to improve security. In this paper, we report on a new technique that can significantly extend the tracking time of fingerprint-based tracking methods…
▽ More
Browser fingerprinting aims to identify users or their devices, through scripts that execute in the users' browser and collect information on software or hardware characteristics. It is used to track users or as an additional means of identification to improve security. In this paper, we report on a new technique that can significantly extend the tracking time of fingerprint-based tracking methods. Our technique, which we call DrawnApart, is a new GPU fingerprinting technique that identifies a device based on the unique properties of its GPU stack. Specifically, we show that variations in speed among the multiple execution units that comprise a GPU can serve as a reliable and robust device signature, which can be collected using unprivileged JavaScript. We investigate the accuracy of DrawnApart under two scenarios. In the first scenario, our controlled experiments confirm that the technique is effective in distinguishing devices with similar hardware and software configurations, even when they are considered identical by current state-of-the-art fingerprinting algorithms. In the second scenario, we integrate a one-shot learning version of our technique into a state-of-the-art browser fingerprint tracking algorithm. We verify our technique through a large-scale experiment involving data collected from over 2,500 crowd-sourced devices over a period of several months and show it provides a boost of up to 67% to the median tracking duration, compared to the state-of-the-art method. DrawnApart makes two contributions to the state of the art in browser fingerprinting. On the conceptual front, it is the first work that explores the manufacturing differences between identical GPUs and the first to exploit these differences in a privacy context. On the practical front, it demonstrates a robust technique for distinguishing between machines with identical hardware and software configurations.
△ Less
Submitted 24 January, 2022;
originally announced January 2022.
-
Simplifying concentration-polarization of trace-ions in pressure-driven membrane processes
Authors:
Yaeli S. Oren,
Viatcheslav Freger,
Oded Nir
Abstract:
Accounting for concentration-polarization (CP) is critical for modeling solute transport in membrane separation processes. In a mixed-electrolyte solution, ions CP is affected not only by diffusion and advection but also by electromigration. Yet, the classic film model, lacking an electromigration term, is frequently used for modeling ion CP. Often, ion CP is altogether neglected to reduce the com…
▽ More
Accounting for concentration-polarization (CP) is critical for modeling solute transport in membrane separation processes. In a mixed-electrolyte solution, ions CP is affected not only by diffusion and advection but also by electromigration. Yet, the classic film model, lacking an electromigration term, is frequently used for modeling ion CP. Often, ion CP is altogether neglected to reduce the computational load. Here, we study the CP of trace ions in a dominant salt solution, a case relevant for many reverse-osmosis and nanofiltration processes. First, we revisit the solution-diffusion-electromigration-film theory to obtain an analytical solution for the CP and membrane-transport of trace-ions in a dominant salt solution. Secondly, we consider limiting conditions relevant to reverse-osmosis and nanofiltration, from which we derive two compact equations that emerge as a seamless extension to the classic film theory. These equations can be used to account for the effect of electromigration on CP with minimal effort. Thirdly, we use our theory to quantify the effect of electromigration on ion CP in different dominant salt solutions. Finally, by analyzing two environmental membrane processes, we demonstrate how our theory deviates from the conventional one and quantify the implications on membrane scaling potential and the transport of ionic contaminants.
△ Less
Submitted 3 August, 2021;
originally announced August 2021.
-
Prime+Probe 1, JavaScript 0: Overcoming Browser-based Side-Channel Defenses
Authors:
Anatoly Shusterman,
Ayush Agarwal,
Sioli O'Connell,
Daniel Genkin,
Yossi Oren,
Yuval Yarom
Abstract:
The "eternal war in cache" has reached browsers, with multiple cache-based side-channel attacks and countermeasures being suggested. A common approach for countermeasures is to disable or restrict JavaScript features deemed essential for carrying out attacks. To assess the effectiveness of this approach, in this work we seek to identify those JavaScript features which are essential for carrying ou…
▽ More
The "eternal war in cache" has reached browsers, with multiple cache-based side-channel attacks and countermeasures being suggested. A common approach for countermeasures is to disable or restrict JavaScript features deemed essential for carrying out attacks. To assess the effectiveness of this approach, in this work we seek to identify those JavaScript features which are essential for carrying out a cache-based attack. We develop a sequence of attacks with progressively decreasing dependency on JavaScript features, culminating in the first browser-based side-channel attack which is constructed entirely from Cascading Style Sheets (CSS) and HTML, and works even when script execution is completely blocked. We then show that avoiding JavaScript features makes our techniques architecturally agnostic, resulting in microarchitectural website fingerprinting attacks that work across hardware platforms including Intel Core, AMD Ryzen, Samsung Exynos, and Apple M1 architectures. As a final contribution, we evaluate our techniques in hardened browser environments including the Tor browser, Deter-Fox (Cao el al., CCS 2017), and Chrome Zero (Schwartz et al., NDSS 2018). We confirm that none of these approaches completely defend against our attacks. We further argue that the protections of Chrome Zero need to be more comprehensively applied, and that the performance and user experience of Chrome Zero will be severely degraded if this approach is taken.
△ Less
Submitted 8 March, 2021;
originally announced March 2021.
-
Distributionally Robust Language Modeling
Authors:
Yonatan Oren,
Shiori Sagawa,
Tatsunori B. Hashimoto,
Percy Liang
Abstract:
Language models are generally trained on data spanning a wide range of topics (e.g., news, reviews, fiction), but they might be applied to an a priori unknown target distribution (e.g., restaurant reviews). In this paper, we first show that training on text outside the test distribution can degrade test performance when using standard maximum likelihood (MLE) training. To remedy this without the k…
▽ More
Language models are generally trained on data spanning a wide range of topics (e.g., news, reviews, fiction), but they might be applied to an a priori unknown target distribution (e.g., restaurant reviews). In this paper, we first show that training on text outside the test distribution can degrade test performance when using standard maximum likelihood (MLE) training. To remedy this without the knowledge of the test distribution, we propose an approach which trains a model that performs well over a wide range of potential test distributions. In particular, we derive a new distributionally robust optimization (DRO) procedure which minimizes the loss of the model over the worst-case mixture of topics with sufficient overlap with the training distribution. Our approach, called topic conditional value at risk (topic CVaR), obtains a 5.5 point perplexity reduction over MLE when the language models are trained on a mixture of Yelp reviews and news and tested only on reviews.
△ Less
Submitted 4 September, 2019;
originally announced September 2019.
-
Cross-Router Covert Channels
Authors:
Adar Ovadya,
Rom Ogen,
Yakov Mallah,
Niv Gilboa,
Yossi Oren
Abstract:
Many organizations protect secure networked devices from non-secure networked devices by assigning each class of devices to a different logical network. These two logical networks, commonly called the host network and the guest network, use the same router hardware, which is designed to isolate the two networks in software.
In this work we show that logical network isolation based on host and gu…
▽ More
Many organizations protect secure networked devices from non-secure networked devices by assigning each class of devices to a different logical network. These two logical networks, commonly called the host network and the guest network, use the same router hardware, which is designed to isolate the two networks in software.
In this work we show that logical network isolation based on host and guest networks can be overcome by the use of cross-router covert channels. Using specially-crafted network traffic, these channels make it possible to leak data between the host network and the guest network, and vice versa, through the use of the router as a shared medium. We performed a survey of routers representing multiple vendors and price points, and discovered that all of the routers we surveyed are vulnerable to at least one class of covert channel. Our attack can succeed even if the attacker has very limited permissions on the infected device, and even an iframe hosting malicious JavaScript code can be used for this purpose. We provide several metrics for the effectiveness of such channels, based on their pervasiveness, rate and covertness, and discuss possible ways of identifying and preventing these leakages.
△ Less
Submitted 7 August, 2019;
originally announced August 2019.
-
Sensor Defense In-Software (SDI):Practical Software Based Detection of Spoofing Attacks on Position Sensor
Authors:
Kevin Sam Tharayil,
Benyamin Farshteindiker,
Shaked Eyal,
Nir Hasidim,
Roy Hershkovitz,
Shani Houri,
Ilia Yoffe,
Michal Oren,
Yossi Oren
Abstract:
Position sensors, such as the gyroscope, the magnetometer and the accelerometer, are found in a staggering variety of devices, from smartphones and UAVs to autonomous robots. Several works have shown how adversaries can mount spoofing attacks to remotely corrupt or even completely control the outputs of these sensors. With more and more critical applications relying on sensor readings to make impo…
▽ More
Position sensors, such as the gyroscope, the magnetometer and the accelerometer, are found in a staggering variety of devices, from smartphones and UAVs to autonomous robots. Several works have shown how adversaries can mount spoofing attacks to remotely corrupt or even completely control the outputs of these sensors. With more and more critical applications relying on sensor readings to make important decisions, defending sensors from these attacks is of prime importance.
In this work we present practical software based defenses against attacks on two common types of position sensors, specifically the gyroscope and the magnetometer. We first characterize the sensitivity of these sensors to acoustic and magnetic adversaries. Next, we present two software-only defenses: a machine learning based single sensor defense, and a sensor fusion defense which makes use of the mathematical relationship between the two sensors. We performed a detailed theoretical analysis of our defenses, and implemented them on a variety of smartphones, as well as on a resource-constrained IoT sensor node. Our defenses do not require any hardware or OS-level modifications, making it possible to use them with existing hardware. Moreover, they provide a high detection accuracy, a short detection time and a reasonable power consumption.
△ Less
Submitted 12 May, 2019;
originally announced May 2019.
-
A Retrieve-and-Edit Framework for Predicting Structured Outputs
Authors:
Tatsunori B. Hashimoto,
Kelvin Guu,
Yonatan Oren,
Percy Liang
Abstract:
For the task of generating complex outputs such as source code, editing existing outputs can be easier than generating complex outputs from scratch. With this motivation, we propose an approach that first retrieves a training example based on the input (e.g., natural language description) and then edits it to the desired output (e.g., code). Our contribution is a computationally efficient method f…
▽ More
For the task of generating complex outputs such as source code, editing existing outputs can be easier than generating complex outputs from scratch. With this motivation, we propose an approach that first retrieves a training example based on the input (e.g., natural language description) and then edits it to the desired output (e.g., code). Our contribution is a computationally efficient method for learning a retrieval model that embeds the input in a task-dependent way without relying on a hand-crafted metric or incurring the expense of jointly training the retriever with the editor. Our retrieve-and-edit framework can be applied on top of any base model. We show that on a new autocomplete task for GitHub Python code and the Hearthstone cards benchmark, retrieve-and-edit significantly boosts the performance of a vanilla sequence-to-sequence model on both tasks.
△ Less
Submitted 3 December, 2018;
originally announced December 2018.
-
Robust Website Fingerprinting Through the Cache Occupancy Channel
Authors:
Anatoly Shusterman,
Lachlan Kang,
Yarden Haskal,
Yosef Meltser,
Prateek Mittal,
Yossi Oren,
Yuval Yarom
Abstract:
Website fingerprinting attacks, which use statistical analysis on network traffic to compromise user privacy, have been shown to be effective even if the traffic is sent over anonymity-preserving networks such as Tor. The classical attack model used to evaluate website fingerprinting attacks assumes an on-path adversary, who can observe all traffic traveling between the user's computer and the Tor…
▽ More
Website fingerprinting attacks, which use statistical analysis on network traffic to compromise user privacy, have been shown to be effective even if the traffic is sent over anonymity-preserving networks such as Tor. The classical attack model used to evaluate website fingerprinting attacks assumes an on-path adversary, who can observe all traffic traveling between the user's computer and the Tor network. In this work we investigate these attacks under a different attack model, in which the adversary is capable of running a small amount of unprivileged code on the target user's computer. Under this model, the attacker can mount cache side-channel attacks, which exploit the effects of contention on the CPU's cache, to identify the website being browsed. In an important special case of this attack model, a JavaScript attack is launched when the target user visits a website controlled by the attacker. The effectiveness of this attack scenario has never been systematically analyzed, especially in the open-world model which assumes that the user is visiting a mix of both sensitive and non-sensitive sites. In this work we show that cache website fingerprinting attacks in JavaScript are highly feasible, even when they are run from highly restrictive environments, such as the Tor Browser. Specifically, we use machine learning techniques to classify traces of cache activity. Unlike prior works, which try to identify cache conflicts, our work measures the overall occupancy of the last-level cache. We show that our approach achieves high classification accuracy in both the open-world and the closed-world models. We further show that our techniques are resilient both to network-based defenses and to side-channel countermeasures introduced to modern browsers as a response to the Spectre attack.
△ Less
Submitted 21 February, 2019; v1 submitted 17 November, 2018;
originally announced November 2018.
-
Robust Diabatic Quantum Search by Landau-Zener-Stückelberg Oscillations
Authors:
Yosi Atia,
Yonathan Oren,
Nadav Katz
Abstract:
Quantum computation by the adiabatic theorem requires a slowly varying Hamiltonian with respect to the spectral gap. We show that the Landau-Zener-Stückelberg oscillation phenomenon, that naturally occurs in quantum two level systems under non-adiabatic periodic drive, can be exploited to find the ground state of an N dimensional Grover Hamiltonian. The total runtime of this method is…
▽ More
Quantum computation by the adiabatic theorem requires a slowly varying Hamiltonian with respect to the spectral gap. We show that the Landau-Zener-Stückelberg oscillation phenomenon, that naturally occurs in quantum two level systems under non-adiabatic periodic drive, can be exploited to find the ground state of an N dimensional Grover Hamiltonian. The total runtime of this method is $O(\sqrt{2^n})$ which is equal to the computational time of the Grover algorithm in the quantum circuit model. An additional periodic drive can suppress a large subset of Hamiltonian control errors using coherent destruction of tunneling, providing superior performance compared to standard algorithms.
△ Less
Submitted 20 December, 2018; v1 submitted 12 November, 2018;
originally announced November 2018.
-
Shattered Trust: When Replacement Smartphone Components Attack
Authors:
Omer Shwartz,
Amir Cohen,
Asaf Shabtai,
Yossi Oren
Abstract:
Phone touchscreens, and other similar hardware components such as orientation sensors, wireless charging controllers, and NFC readers, are often produced by third-party manufacturers and not by the phone vendors themselves. Third-party driver source code to support these components is integrated into the vendor's source code. In contrast to 'pluggable' drivers, such as USB or network drivers, the…
▽ More
Phone touchscreens, and other similar hardware components such as orientation sensors, wireless charging controllers, and NFC readers, are often produced by third-party manufacturers and not by the phone vendors themselves. Third-party driver source code to support these components is integrated into the vendor's source code. In contrast to 'pluggable' drivers, such as USB or network drivers, the component driver's source code implicitly assumes that the component hardware is authentic and trustworthy. As a result of this trust, very few integrity checks are performed on the communications between the component and the device's main processor.
In this paper, we call this trust into question, considering the fact that touchscreens are often shattered and then replaced with aftermarket components of questionable origin. We analyze the operation of a commonly used touchscreen controller. We construct two standalone attacks, based on malicious touchscreen hardware, that function as building blocks toward a full attack: a series of touch injection attacks that allow the touchscreen to impersonate the user and exfiltrate data, and a buffer overflow attack that lets the attacker execute privileged operations. Combining the two building blocks, we present and evaluate a series of end-to-end attacks that can severely compromise a stock Android phone with standard firmware. Our results make the case for a hardware-based physical countermeasure.
△ Less
Submitted 13 May, 2018;
originally announced May 2018.
-
Generating Sentences by Editing Prototypes
Authors:
Kelvin Guu,
Tatsunori B. Hashimoto,
Yonatan Oren,
Percy Liang
Abstract:
We propose a new generative model of sentences that first samples a prototype sentence from the training corpus and then edits it into a new sentence. Compared to traditional models that generate from scratch either left-to-right or by first sampling a latent sentence vector, our prototype-then-edit model improves perplexity on language modeling and generates higher quality outputs according to hu…
▽ More
We propose a new generative model of sentences that first samples a prototype sentence from the training corpus and then edits it into a new sentence. Compared to traditional models that generate from scratch either left-to-right or by first sampling a latent sentence vector, our prototype-then-edit model improves perplexity on language modeling and generates higher quality outputs according to human evaluation. Furthermore, the model gives rise to a latent edit vector that captures interpretable semantics such as sentence similarity and sentence-level analogies.
△ Less
Submitted 7 September, 2018; v1 submitted 26 September, 2017;
originally announced September 2017.
-
Theory of ion and water transport in reverse osmosis membranes
Authors:
Y. S. Oren,
P. M. Biesheuvel
Abstract:
We present theory for ion and water transport through reverse osmosis membranes based on a Maxwell-Stefan framework combined with hydrodynamic theory for the reduced motion of particles in thin pores. We include all driving forces and frictions both on the fluid (water), and on the ions, including ion-fluid friction as well as ion-wall friction. By including the acid-base character of the carbonic…
▽ More
We present theory for ion and water transport through reverse osmosis membranes based on a Maxwell-Stefan framework combined with hydrodynamic theory for the reduced motion of particles in thin pores. We include all driving forces and frictions both on the fluid (water), and on the ions, including ion-fluid friction as well as ion-wall friction. By including the acid-base character of the carbonic acid system, the boric acid system, H$_3$O$^+$/OH$^-$, and the membrane charge, we locally determine pH and thus the effective charge of the membrane as well as the dissociation degree of boric acid. We present calculation results for a dead end experiment with fixed feed concentration, where effluent composition is a self-consistent function of fluxes through the membrane. Comparison with experimental results from literature for fluid flow vs. pressure, and for salt and boron rejection, shows that theory agrees well with data. Our model is based on realistic assumptions for the effective sizes of the ions and for the diameter of the RO membrane pore in the polyamide toplayer ($\sim$0.75 nm).
△ Less
Submitted 21 June, 2017;
originally announced June 2017.
-
The Spy in the Sandbox -- Practical Cache Attacks in Javascript
Authors:
Yossef Oren,
Vasileios P. Kemerlis,
Simha Sethumadhavan,
Angelos D. Keromytis
Abstract:
We present the first micro-architectural side-channel attack which runs entirely in the browser. In contrast to other works in this genre, this attack does not require the attacker to install any software on the victim's machine -- to facilitate the attack, the victim needs only to browse to an untrusted webpage with attacker-controlled content. This makes the attack model highly scalable and extr…
▽ More
We present the first micro-architectural side-channel attack which runs entirely in the browser. In contrast to other works in this genre, this attack does not require the attacker to install any software on the victim's machine -- to facilitate the attack, the victim needs only to browse to an untrusted webpage with attacker-controlled content. This makes the attack model highly scalable and extremely relevant and practical to today's web, especially since most desktop browsers currently accessing the Internet are vulnerable to this attack. Our attack, which is an extension of the last-level cache attacks of Yarom et al., allows a remote adversary recover information belonging to other processes, other users and even other virtual machines running on the same physical host as the victim web browser. We describe the fundamentals behind our attack, evaluate its performance using a high bandwidth covert channel and finally use it to construct a system-wide mouse/network activity logger. Defending against this attack is possible, but the required countermeasures can exact an impractical cost on other benign uses of the web browser and of the computer.
△ Less
Submitted 1 March, 2015; v1 submitted 25 February, 2015;
originally announced February 2015.
-
Discrete Self-Similarity in Ultra-Relativistic Type-II Strong Explosions
Authors:
Yonatan Oren,
Re'em Sari
Abstract:
A solution to the ultra-relativistic strong explosion problem with a non-power law density gradient is delineated. We consider a blast wave expanding into a density profile falling off as a steep radial power-law with small, spherically symmetric, and log-periodic density perturbations. We find discretely self-similar solutions to the perturbation equations and compare them to numerical simulati…
▽ More
A solution to the ultra-relativistic strong explosion problem with a non-power law density gradient is delineated. We consider a blast wave expanding into a density profile falling off as a steep radial power-law with small, spherically symmetric, and log-periodic density perturbations. We find discretely self-similar solutions to the perturbation equations and compare them to numerical simulations. These results are then generalized to encompass small spherically symmetric perturbations with arbitrary profiles.
△ Less
Submitted 19 October, 2009;
originally announced October 2009.
-
Discrete Self-Similarity in Type-II Strong Explosions
Authors:
Yonatan Oren,
Re'em Sari
Abstract:
We present new solutions to the strong explosion problem in a non-power law density profile. The unperturbed self-similar solutions discovered by Waxman & Shvarts describe strong Newtonian shocks propagating into a cold gas with a density profile falling off as $r^{-ω}$, where $ω>3$ (Type-II solutions). The perturbations we consider are spherically symmetric and log-periodic with respect to the…
▽ More
We present new solutions to the strong explosion problem in a non-power law density profile. The unperturbed self-similar solutions discovered by Waxman & Shvarts describe strong Newtonian shocks propagating into a cold gas with a density profile falling off as $r^{-ω}$, where $ω>3$ (Type-II solutions). The perturbations we consider are spherically symmetric and log-periodic with respect to the radius. While the unperturbed solutions are continuously self-similar, the log-periodicity of the density perturbations leads to a discrete self-similarity of the perturbations, i.e. the solution repeats itself up to a scaling at discrete time intervals. We discuss these solutions and verify them against numerical integrations of the time dependent hydrodynamic equations. Finally we show that this method can be generalized to treat any small, spherically symmetric density perturbation by employing Fourier decomposition.
△ Less
Submitted 10 July, 2009;
originally announced July 2009.
-
Expected Performance of the ATLAS Experiment - Detector, Trigger and Physics
Authors:
The ATLAS Collaboration,
G. Aad,
E. Abat,
B. Abbott,
J. Abdallah,
A. A. Abdelalim,
A. Abdesselam,
O. Abdinov,
B. Abi,
M. Abolins,
H. Abramowicz,
B. S. Acharya,
D. L. Adams,
T. N. Addy,
C. Adorisio,
P. Adragna,
T. Adye,
J. A. Aguilar-Saavedra,
M. Aharrouche,
S. P. Ahlen,
F. Ahles,
A. Ahmad,
H. Ahmed,
G. Aielli,
T. Akdogan
, et al. (2587 additional authors not shown)
Abstract:
A detailed study is presented of the expected performance of the ATLAS detector. The reconstruction of tracks, leptons, photons, missing energy and jets is investigated, together with the performance of b-tagging and the trigger. The physics potential for a variety of interesting physics processes, within the Standard Model and beyond, is examined. The study comprises a series of notes based on…
▽ More
A detailed study is presented of the expected performance of the ATLAS detector. The reconstruction of tracks, leptons, photons, missing energy and jets is investigated, together with the performance of b-tagging and the trigger. The physics potential for a variety of interesting physics processes, within the Standard Model and beyond, is examined. The study comprises a series of notes based on simulations of the detector and physics processes, with particular emphasis given to the data expected from the first years of operation of the LHC at CERN.
△ Less
Submitted 14 August, 2009; v1 submitted 28 December, 2008;
originally announced January 2009.
-
GRB 051221A and Tests of Lorentz Symmetry
Authors:
Maria Rodriguez Martinez,
Tsvi Piran,
Yonatan Oren
Abstract:
Various approaches to quantum gravity suggest the possibility of violation of Lorentz symmetry at very high energies. In these cases we expect a modification at low energies of the dispersion relation of photons that contains extra powers of the momentum suppressed by a high energy scale. These terms break boost invariance and can be tested even at relatively low energies. We use the light curve…
▽ More
Various approaches to quantum gravity suggest the possibility of violation of Lorentz symmetry at very high energies. In these cases we expect a modification at low energies of the dispersion relation of photons that contains extra powers of the momentum suppressed by a high energy scale. These terms break boost invariance and can be tested even at relatively low energies. We use the light curves of the very bright short Gamma-Ray Burst GRB 051221A and compare the arrival times of photons at different energies with the expected time delay due to a modified dispersion relation. As no time delay was observed, we set a lower bound of 0.0066 E_{pl} \sim 0.66 10^{17} GeV on the scale of Lorentz invariance violation.
△ Less
Submitted 24 January, 2006;
originally announced January 2006.
-
On Choptuik's scaling in higher dimensions
Authors:
Evgeny Sorkin,
Yonatan Oren
Abstract:
We extend Choptuik's scaling phenomenon found in general relativistic critical gravitational collapse of a massless scalar field to higher dimensions. We find that in the range 4 <= D <= 11 the behavior is qualitatively similar to that discovered by Choptuik. In each dimension we obtain numerically the universal numbers associated with the critical collapse: the scaling exponent gamma and the ec…
▽ More
We extend Choptuik's scaling phenomenon found in general relativistic critical gravitational collapse of a massless scalar field to higher dimensions. We find that in the range 4 <= D <= 11 the behavior is qualitatively similar to that discovered by Choptuik. In each dimension we obtain numerically the universal numbers associated with the critical collapse: the scaling exponent gamma and the echoing period Delta. The behavior of these numbers with increasing dimension seems to indicate that gamma reaches a maximum and Delta a minimum value around 11 <= D <= 13. These results and their relation to the black hole--black string system are discussed.
△ Less
Submitted 6 June, 2005; v1 submitted 3 February, 2005;
originally announced February 2005.
-
The apparent size of GRB afterglows as a test of the Fireball model
Authors:
Yonatan Oren,
Ehud Nakar,
Tsvi Piran
Abstract:
Taylor et al. (2004) reported recently on the first direct measurement of the apparent size of a GRB afterglow. Here we confront these observations with the predictions of the fireball model. We use a simple model to study numerically the evolution of the fireball and determine its apparent size, starting at the early spherical expansion phase through the jet break and into the Newtonian regime.…
▽ More
Taylor et al. (2004) reported recently on the first direct measurement of the apparent size of a GRB afterglow. Here we confront these observations with the predictions of the fireball model. We use a simple model to study numerically the evolution of the fireball and determine its apparent size, starting at the early spherical expansion phase through the jet break and into the Newtonian regime. We perform these calculations on the background of a uniform interstellar medium and a massive stellar wind environment. We find that the calculated apparent size at the time of the measurements taken by Taylor et al. depends only weakly on the chosen parameters (the jet opening angle, the energy, and the external density profile). Thus it is reassuring that the only possible outcome of the model, within the plausible range of parameters, agrees very well with the data. These measurements therefore present us with a strong test of possible GRB models, which the fireball model passes successfully.
△ Less
Submitted 13 June, 2004; v1 submitted 11 June, 2004;
originally announced June 2004.
-
Polarization and light curve variability: the "patchy shell" model
Authors:
Ehud Nakar,
Yonatan Oren
Abstract:
Recent advances in early detection and detailed monitoring of GRB afterglows have revealed variability in some afterglow light curves. One of the leading models for this behavior is the patchy shell model. This model attributes the variability to random angular fluctuations in the relativistic jet energy. These an-axisymmetric fluctuations should also impose variations in the degree and angle of…
▽ More
Recent advances in early detection and detailed monitoring of GRB afterglows have revealed variability in some afterglow light curves. One of the leading models for this behavior is the patchy shell model. This model attributes the variability to random angular fluctuations in the relativistic jet energy. These an-axisymmetric fluctuations should also impose variations in the degree and angle of polarization that are correlated to the light curve variability. In this letter we present a solution of the light curve and polarization resulting from a given spectrum of energy fluctuations. We compare light curves produced using this solution to the variable light curve of GRB 021004 and we show that the main features in both the light curve and the polarization fluctuations are very well reproduced by this model. We use our results to draw constraints on the characteristics of the energy fluctuations that might have been present in GRB 021004.
△ Less
Submitted 5 February, 2004; v1 submitted 8 October, 2003;
originally announced October 2003.
-
On the Collapse of Charged Scalar Fields
Authors:
Yonatan Oren,
Tsvi Piran
Abstract:
We explore numerically the evolution of a collapsing spherical shell of charged, massless scalar field. We obtain an external \RN space-time, and an inner space-time that is bounded by a singularity on the Cauchy Horizon. We compare these results with previous analysis and discuss some of the numerical problems encountered.
We explore numerically the evolution of a collapsing spherical shell of charged, massless scalar field. We obtain an external \RN space-time, and an inner space-time that is bounded by a singularity on the Cauchy Horizon. We compare these results with previous analysis and discuss some of the numerical problems encountered.
△ Less
Submitted 17 June, 2003;
originally announced June 2003.