Link: 

https://www.thomsonreuters.com.ar/content/dam/ewp-m/documents/argentina/es/pdf/other/concepcion-responsabilidad-civil-medica-markus-finn.pdf

Modern DRAM is susceptible to fault attacks that undermine the entire system’s security. The most well-studied disturbance effect is Rowhammer, where an attacker repeatedly opens and closes (i.e., hammers) different rows, which can lead to bitflips in adjacent rows. Different hammering strategies include double-sided, hammering two rows sandwiching a victim row, and one-location, hammering a single row. One-location Rowhammer requires no physical address information, as any location in memory is mapped to a DRAM row, and no relation between rows is required for hammering. The recently discovered Rowpress differs from Rowhammer by not hammering rows but keeping them open longer, evident by a disjoint set of affected memory locations.

In this paper, we examine the differences between four attack variants: one-location Rowhammer, a one-location Rowpress variant we developed, double-sided Rowhammer, and double-sided Rowpress on a set of 12 DDR4 modules. Our methodology is to hammer and press the exact same set of physical memory locations in all attack variants. Surprisingly, our results show that on 4 out of 12 DDR4 modules, we were only able to reproduce double-sided Rowhammer but none of the other attack variants. On 2 DDR4 modules, we were able to reproduce all attack variants. We find that the number of unique bitflip locations ranges from 161 to 15 612, when hammering the exact same set of physical memory locations. Our one-location Rowhammer attack induces roughly the same amount of bitflips as double-sided Rowhammer, however, only 61.8 % of bitflip locations overlap. We explain this by one-location Rowhammer inducing bitflips due to the Rowhammer as well as the Rowpress effect, making the differentiation of both methods difficult, therefore, calling it Presshammer. Based on our observed bitflips, we develop the first end-to-end one-location Rowpress attack. One-location Rowpress requires only minimal physical address information that an attacker can acquire through a same-row same-bank side-channel attack. Our end-to- end attack escalates to kernel privileges within less than 10 minutes.

In the face of increasing digitization, companies must make significant changes to their offerings and operations to remain competitive. This digital transformation of organizations includes a digital transformation of the workplace, which is often met with resistance from employees. While it is recognized that reducing employee resistance is crucial for organizations, there is a limited understanding of the antecedents of employee resistance in the context of digital transformation, different resistance behaviors, and potential countermeasures. Drawing on technostress and employee resistance theories, we address these research gaps. Results from two empirical studies support our central prediction that digital transformation of the workplace causes technostress, which in turn promotes passive and active resistance behaviors among employees. Additionally, we highlight that organizations can use digital literacy facilitation to reduce employee technostress and resistance.

Large language models (LLMs) have garnered significant attention, but the definition of “large” lacks clarity. This paper focuses on medium-sized language models (MLMs), defined as having at least six billion parameters but less than 100 billion. The study evaluates MLMs regarding zero-shot generative question answering in German and English language, which requires models to provide elaborate answers without external document retrieval (RAG). The paper introduces an own test dataset and presents results from human evaluation. Results show that combining the best answers from different MLMs yielded an overall correct answer rate of 82.7% which is better than the 60.9% of ChatGPT. The best English MLM achieved 71.8% and has 33B parameters, which highlights the importance of using appropriate training data for fine-tuning rather than solely relying on the number of parameters. The best German model also surpasses ChatGPT for the equivalent dataset. More fine-grained feedback should be used to further improve the quality of answers. The open source community is quickly closing the gap to the best commercial models.

Class diagrams are at the core of object oriented modeling. They are the foundation of model-driven software engineering and backed up by a wide range of supporting tools. In most cases, source code may be generated from class diagrams which results in increasing productivity of developers. In this paper we present an approach that allows the automatic conversion of hand-drawn sketches of class diagrams into corresponding UML models and thus can help to speed up the development process significantly.

Large-scale attacks on IoT and edge computing devices pose a significant threat. As a prominent example, Mirai is an IoT botnet with 600,000 infected devices around the globe, capable of conducting effective and targeted DDoS attacks on (critical) infrastructure. Driven by the substantial impacts of attacks, manufacturers and system integrators propose Trusted Execution Environments (TEEs) that have gained significant importance recently. TEEs offer an execution environment to run small portions of code isolated from the rest of the system, even if the operating system is compromised. In this publication, we examine TEEs in the context of system monitoring and introduce the Trusted Monitor (TM), a novel anomaly detection system that runs within a TEE. The TM continuously profiles the system using hardware performance counters and utilizes an application-specific machine-learning model for anomaly detection. In our evaluation, we demonstrate that the TM accurately classifies 86% of 183 tested workloads, with an overhead of less than 2%. Notably, we show that a real-world kernel-level rootkit has observable effects on performance counters, allowing the TM to detect it. Major parts of the TM are implemented in the Rust programming language, eliminating common security-critical programming errors.