This document discusses digital rights management (DRM) techniques for protecting software and content. It explains that DRM and security use similar cryptographic building blocks but have different threat models. For DRM, the attacker has full access and control of the execution environment. The document outlines various DRM defenses like disk encryption, code obfuscation, and code flattening that aim to hide cryptographic algorithms and keys from attackers. The goal is to force attackers to spend more time reverse engineering protected software and content.
The document discusses optimizing DirectCompute for graphics processing units (GPUs). It introduces DirectCompute as an API for general purpose GPU programming and explains how it maps better than traditional graphics APIs to the architecture of GPUs like AMD's GCN. Key optimization techniques covered include choosing a thread group size that is a multiple of 64 threads to fully utilize the SIMD hardware, and using thread group shared memory to improve data access speeds compared to off-chip memory. Bank conflicts in shared memory access are also discussed as something to avoid for best performance.
Keynote (Mike Muller) - Is There Anything New in Heterogeneous Computing - by...AMD Developer Central
Keynote presentation, Is There Anything New in Heterogeneous Computing, by Mike Muller, Chief Technology Officer, ARM, at the AMD Developer Summit (APU13), Nov. 11-13, 2013.
This document discusses the TressFX hair and fur rendering technique. It begins by stating that next-gen quality hair is expected in current generation titles. It then covers the key components needed for high quality hair, including antialiasing, self-shadowing, and transparency. The document discusses isoline tessellation versus a vertex shader approach and describes TressFX's deferred rendering pipeline with selective shading of only the closest fragments. It demonstrates that TressFX can achieve next-gen quality hair and fur at real-time performance through techniques like variable ratio hair simulation, extrusion into triangles in the vertex shader, selective shading, and distance-based level of detail.
Shader Model 5.0 introduces several new features for vertex, hull, domain, geometry, and pixel shaders, including uniform indexing of resources, SV_Coverage system value, and double precision support. Compute shaders also gain features like raw and structured buffer views, atomic operations, and thread local storage. Compute shaders are well-suited for general purpose GPU tasks like post-processing and can perform Gaussian blur more efficiently than pixel shaders by reducing memory bandwidth usage through thread local storage.
PT-4055, Optimizing Raytracing on GCN with AMD Development Tools, by Tzachi C...AMD Developer Central
This document discusses optimizing raytracing on AMD's GCN architecture using AMD development tools. It provides an overview of raytracing and KD trees, describes the GCN architecture and its scalar nature, and how this impacts raytracing. It then discusses mapping raytracing to GPUs, optimizing with a stackless traversal and short stack in local memory. CodeXL is used to analyze occupancy and optimize the kernel further.
Efficient occlusion culling in dynamic scenes is a very important topic to the game and real-time graphics community in order to accelerate rendering. We present a novel algorithm inspired by recent advances in depth culling for graphics hardware, but adapted and optimized for SIMD-capable CPUs. Our algorithm has very low memory overhead and is three times faster than previous work, while culling 98% of all triangles by a full resolution depth buffer approach. It supports interleaving occluder rasterization and occlusion queries without penalty, making it easy
This presentation accompanies the webinar replay located here: http://bit.ly/1zmvlkL
AMD Media SDK Software Architect Mikhail Mironov shows you how to leverage an AMD platform for multimedia processing using the new Media Software Development Kit. He discusses how to use a new set of C++ interfaces for easy access to AMD hardware blocks, and shows you how to leverage the Media SDK in the development of video conferencing, wireless display, remote desktop, video editing, transcoding, and more.
The document discusses optimizing DirectCompute for graphics processing units (GPUs). It introduces DirectCompute as an API for general purpose GPU programming and explains how it maps better than traditional graphics APIs to the architecture of GPUs like AMD's GCN. Key optimization techniques covered include choosing a thread group size that is a multiple of 64 threads to fully utilize the SIMD hardware, and using thread group shared memory to improve data access speeds compared to off-chip memory. Bank conflicts in shared memory access are also discussed as something to avoid for best performance.
Keynote (Mike Muller) - Is There Anything New in Heterogeneous Computing - by...AMD Developer Central
Keynote presentation, Is There Anything New in Heterogeneous Computing, by Mike Muller, Chief Technology Officer, ARM, at the AMD Developer Summit (APU13), Nov. 11-13, 2013.
This document discusses the TressFX hair and fur rendering technique. It begins by stating that next-gen quality hair is expected in current generation titles. It then covers the key components needed for high quality hair, including antialiasing, self-shadowing, and transparency. The document discusses isoline tessellation versus a vertex shader approach and describes TressFX's deferred rendering pipeline with selective shading of only the closest fragments. It demonstrates that TressFX can achieve next-gen quality hair and fur at real-time performance through techniques like variable ratio hair simulation, extrusion into triangles in the vertex shader, selective shading, and distance-based level of detail.
Shader Model 5.0 introduces several new features for vertex, hull, domain, geometry, and pixel shaders, including uniform indexing of resources, SV_Coverage system value, and double precision support. Compute shaders also gain features like raw and structured buffer views, atomic operations, and thread local storage. Compute shaders are well-suited for general purpose GPU tasks like post-processing and can perform Gaussian blur more efficiently than pixel shaders by reducing memory bandwidth usage through thread local storage.
PT-4055, Optimizing Raytracing on GCN with AMD Development Tools, by Tzachi C...AMD Developer Central
This document discusses optimizing raytracing on AMD's GCN architecture using AMD development tools. It provides an overview of raytracing and KD trees, describes the GCN architecture and its scalar nature, and how this impacts raytracing. It then discusses mapping raytracing to GPUs, optimizing with a stackless traversal and short stack in local memory. CodeXL is used to analyze occupancy and optimize the kernel further.
Efficient occlusion culling in dynamic scenes is a very important topic to the game and real-time graphics community in order to accelerate rendering. We present a novel algorithm inspired by recent advances in depth culling for graphics hardware, but adapted and optimized for SIMD-capable CPUs. Our algorithm has very low memory overhead and is three times faster than previous work, while culling 98% of all triangles by a full resolution depth buffer approach. It supports interleaving occluder rasterization and occlusion queries without penalty, making it easy
This presentation accompanies the webinar replay located here: http://bit.ly/1zmvlkL
AMD Media SDK Software Architect Mikhail Mironov shows you how to leverage an AMD platform for multimedia processing using the new Media Software Development Kit. He discusses how to use a new set of C++ interfaces for easy access to AMD hardware blocks, and shows you how to leverage the Media SDK in the development of video conferencing, wireless display, remote desktop, video editing, transcoding, and more.
WT-4065, Superconductor: GPU Web Programming for Big Data Visualization, by ...AMD Developer Central
Presentation WT-4065, Superconductor: GPU Web Programming for Big Data Visualization, by Leo Meyerovich and Matthew Torok at the AMD Developer Summit (APU13) Nov. 11-13, 2013.
PT-4102, Simulation, Compilation and Debugging of OpenCL on the AMD Southern ...AMD Developer Central
This document discusses the simulation, compilation, and debugging of OpenCL on the AMD Southern Islands GPU architecture using the Multi2Sim simulator. It describes Multi2Sim's methodology for full-system simulation and emulation of CPU and GPU architectures. It provides details on Multi2Sim's x86 emulator, OpenCL runtime on the host, and emulation of the Southern Islands GPU including its disassembler, emulator, and timing simulator.
This document discusses AMD's DirectGMA technology, which allows direct access to GPU memory from other devices. It introduces DirectGMA and explains how it enables peer-to-peer transfers between GPUs and GPUs and FPGAs. It then provides details on implementing DirectGMA in APIs like OpenGL, OpenCL, DirectX 9, 10 and 11 to enable efficient data transfers without CPU involvement.
CC-4005, Performance analysis of 3D Finite Difference computational stencils ...AMD Developer Central
The document discusses performance analysis of 3D finite difference computational stencils on Seamicro fabric compute systems. It provides an overview of the hardware including chassis, compute cards, storage cards, and 3D torus fabric topology. It then describes the software stack and various microbenchmarks performed, including CPU, memory, network and storage benchmarks. It also describes modeling of 3D Laplace's equation using an 8th order finite difference scheme and its discretization over a 25 point stencil for computation on the system.
HSA-4146, Creating Smarter Applications and Systems Through Visual Intelligen...AMD Developer Central
1) Embedded vision uses computer vision techniques in embedded systems and applications to extract meaningful information from visual inputs.
2) Advances in hardware and software now enable widespread use of embedded vision across many industries like automotive, industrial automation, and consumer electronics.
3) A lane departure warning system was used as an example application, outlining the computer vision pipeline including image acquisition, preprocessing, edge detection, Hough transform, and tracking to monitor a vehicle's position relative to its lane of travel.
Direct3D12 aims to address issues with existing APIs by providing a more direct mapping to hardware capabilities. It features command buffers that allow work to be built in parallel threads and scheduled more efficiently. Pipeline state objects avoid runtime compilation overhead. Descriptor tables provide bindless resources through pointers and reduce state changes. While this gives more control and efficiency, it also means applications have more responsibility to avoid errors. Overall, Direct3D12 is designed to better expose the capabilities of modern graphics hardware.
The document discusses AMD's RapidFire technology for remote graphics solutions. RapidFire uses dedicated cloud hardware and software to deliver multiple HD game streams from a single GPU with low latency. It has four independent components - the server, network, client, and user interface. The server performs GPU encoding of the desktop into an H264 video stream. The stream is sent to the client over the network, where it is decoded by the client hardware and displayed in the UI. RapidFire is designed to work across different hardware and support various use cases and workflows.
This document provides an introduction to the CUDA parallel computing platform from NVIDIA. It discusses the CUDA hardware capabilities including GPUDirect, Dynamic Parallelism, and HyperQ. It then outlines three main programming approaches for CUDA: using libraries, OpenACC directives, and programming languages. It provides examples of libraries like cuBLAS and cuRAND. For OpenACC, it shows how to add directives to existing Fortran/C code to parallelize loops. And for languages, it lists supports like CUDA C/C++, CUDA Fortran, Python with PyCUDA etc. The document aims to provide developers with maximum flexibility in choosing the best approach to accelerate their applications using CUDA and GPUs.
MM-4092, Optimizing FFMPEG and Handbrake Using OpenCL and Other AMD HW Capabi...AMD Developer Central
This document discusses optimizing FFmpeg and Handbrake using OpenCL. It describes FFmpeg as a popular open-source multimedia software library used for recording, converting, and streaming audio and video. It was optimized to leverage heterogeneous computing by accelerating video decoding and encoding using hardware accelerators and accelerating video processing filters using the GPU. Specific filters were implemented in OpenCL for improved performance compared to CPU. Performance tests showed the accelerated FFmpeg approach achieved significantly higher frame rates than the original CPU-only FFmpeg.
The document provides an overview of GPU computing and CUDA programming. It discusses how GPUs enable massively parallel and affordable computing through their manycore architecture. The CUDA programming model allows developers to accelerate applications by launching parallel kernels on the GPU from their existing C/C++ code. Kernels contain many concurrent threads that execute the same code on different data. CUDA features a memory hierarchy and runtime for managing GPU memory and launching kernels. Overall, the document introduces GPU and CUDA concepts for general-purpose parallel programming on NVIDIA GPUs.
For the full video of this presentation, please visit:
http://www.embedded-vision.com/platinum-members/altera/embedded-vision-training/videos/pages/may-2015-embedded-vision-summit
For more information about embedded vision, please visit:
http://www.embedded-vision.com
Deshanand Singh, Director of Software Engineering at Altera, presents the "Efficient Implementation of Convolutional Neural Networks using OpenCL on FPGAs" tutorial at the May 2015 Embedded Vision Summit.
Convolutional neural networks (CNN) are becoming increasingly popular in embedded applications such as vision processing and automotive driver assistance systems. The structure of CNN systems is characterized by cascades of FIR filters and transcendental functions. FPGA technology offers a very efficient way of implementing these structures by allowing designers to build custom hardware datapaths that implement the CNN structure. One challenge of using FPGAs revolves around the design flow that has been traditionally centered around tedious hardware description languages.
In this talk, Deshanand gives a detailed explanation of how CNN algorithms can be expressed in OpenCL and compiled directly to FPGA hardware. He gives detail on code optimizations and provides comparisons with the efficiency of hand-coded implementations.
For the full video of this presentation, please visit:
http://www.embedded-vision.com/platinum-members/arm/embedded-vision-training/videos/pages/may-2016-embedded-vision-summit-iodice
For more information about embedded vision, please visit:
http://www.embedded-vision.com
Gian Marco Iodice, Software Engineer at ARM, presents the "Using SGEMM and FFTs to Accelerate Deep Learning" tutorial at the May 2016 Embedded Vision Summit.
Matrix Multiplication and the Fast Fourier Transform are numerical foundation stones for a wide range of scientific algorithms. With the emergence of deep learning, they are becoming even more important, particularly as use cases extend into mobile and embedded devices. In this presentation, lodice discusses and analyzes how these two key, computationally-intensive algorithms can be used to gain significant performance improvements for convolutional neural network (CNN) implementations.
After a brief introduction to the nature of CNN computations, Iodice explores the use of GEMM (General Matrix Multiplication) and mixed-radix FFTs to accelerate 3D convolution. He shows examples of OpenCL implementations of these functions and highlights their advantages, limitations and trade-offs. Central to the techniques explored is an emphasis on cache-efficient memory accesses and the crucial role of reduced-precision data types.
GPUs are specialized processors designed for graphics processing. CUDA (Compute Unified Device Architecture) allows general purpose programming on NVIDIA GPUs. CUDA programs launch kernels across a grid of blocks, with each block containing multiple threads that can cooperate. Threads have unique IDs and can access different memory types including shared, global, and constant memory. Applications that map well to this architecture include physics simulations, image processing, and other data-parallel workloads. The future of CUDA includes more general purpose uses through GPGPU and improvements in virtual memory, size, and cooling.
Rendering Battlefield 4 with Mantle by Johan Andersson - AMD at GDC14AMD Developer Central
Johan Andersson will show how the Frostbite 3 game engine is using the low-level graphics API Mantle to deliver significantly improved performance in Battlefield 4 on PC and future games from Electronic Arts in this presentation from the 2014 Game Developers Conference in San Francisco March 17-21. Also view this and other presentations on our developer website at http://developer.amd.com/resources/documentation-articles/conference-presentations/
Use Variable Rate Shading (VRS) to Improve the User Experience in Real-Time G...Intel® Software
Variable-rate shading (VRS) is a new feature of Microsoft DirectX* 12 and is supported on the 11th generation of Intel® graphics hardware. Get an overview and learn best practices, recommendations, and how to modify traditional 3D effects to take advantage of VRS.
HC-4020, Enhancing OpenCL performance in AfterShot Pro with HSA, by Michael W...AMD Developer Central
Presentation Hc-4020, Enhancing OpenCL performance in AfterShot Pro with HSA, by Michael Wootton at the AMD Developer Summit (APU13) November 11-13, 2013.
The document summarizes a presentation given by Stephan Hodes on optimizing performance for AMD's Graphics Core Next (GCN) architecture. The presentation covers key aspects of the GCN architecture, including compute units, registers, and latency hiding. It then provides a top 10 list of performance advice for GCN, such as using DirectCompute threads in groups of 64, avoiding over-tessellation, keeping shader pipelines short, and batching drawing calls.
PANDEMONIUM: Automated Identification of Cryptographic Algorithms using Dynam...CODE BLUE
Malware utilize many cryptographic algorithms.
To fight against malware, analysts have to reveal details on malware activities.
Accordingly, it is important to identify cryptographic algorithms used in malware.
In this track, I propose a faster and extensible method to automatically detect known cryptographic algorithms in malware using dynamic binary instrumentation and fuzzy hashing.
Georgy Nosenko - An introduction to the use SMT solvers for software securityDefconRussia
The document discusses how SMT solvers can be used for software security applications such as bug hunting, exploit generation, protection analysis, and malware analysis by modeling portions of code or algorithms as logical formulas that can then be analyzed using an SMT solver to prove properties or generate inputs. It provides examples of how SMT solvers have been used to find integer overflows, help with program verification, and aid in defeating simple hashing algorithms.
WT-4065, Superconductor: GPU Web Programming for Big Data Visualization, by ...AMD Developer Central
Presentation WT-4065, Superconductor: GPU Web Programming for Big Data Visualization, by Leo Meyerovich and Matthew Torok at the AMD Developer Summit (APU13) Nov. 11-13, 2013.
PT-4102, Simulation, Compilation and Debugging of OpenCL on the AMD Southern ...AMD Developer Central
This document discusses the simulation, compilation, and debugging of OpenCL on the AMD Southern Islands GPU architecture using the Multi2Sim simulator. It describes Multi2Sim's methodology for full-system simulation and emulation of CPU and GPU architectures. It provides details on Multi2Sim's x86 emulator, OpenCL runtime on the host, and emulation of the Southern Islands GPU including its disassembler, emulator, and timing simulator.
This document discusses AMD's DirectGMA technology, which allows direct access to GPU memory from other devices. It introduces DirectGMA and explains how it enables peer-to-peer transfers between GPUs and GPUs and FPGAs. It then provides details on implementing DirectGMA in APIs like OpenGL, OpenCL, DirectX 9, 10 and 11 to enable efficient data transfers without CPU involvement.
CC-4005, Performance analysis of 3D Finite Difference computational stencils ...AMD Developer Central
The document discusses performance analysis of 3D finite difference computational stencils on Seamicro fabric compute systems. It provides an overview of the hardware including chassis, compute cards, storage cards, and 3D torus fabric topology. It then describes the software stack and various microbenchmarks performed, including CPU, memory, network and storage benchmarks. It also describes modeling of 3D Laplace's equation using an 8th order finite difference scheme and its discretization over a 25 point stencil for computation on the system.
HSA-4146, Creating Smarter Applications and Systems Through Visual Intelligen...AMD Developer Central
1) Embedded vision uses computer vision techniques in embedded systems and applications to extract meaningful information from visual inputs.
2) Advances in hardware and software now enable widespread use of embedded vision across many industries like automotive, industrial automation, and consumer electronics.
3) A lane departure warning system was used as an example application, outlining the computer vision pipeline including image acquisition, preprocessing, edge detection, Hough transform, and tracking to monitor a vehicle's position relative to its lane of travel.
Direct3D12 aims to address issues with existing APIs by providing a more direct mapping to hardware capabilities. It features command buffers that allow work to be built in parallel threads and scheduled more efficiently. Pipeline state objects avoid runtime compilation overhead. Descriptor tables provide bindless resources through pointers and reduce state changes. While this gives more control and efficiency, it also means applications have more responsibility to avoid errors. Overall, Direct3D12 is designed to better expose the capabilities of modern graphics hardware.
The document discusses AMD's RapidFire technology for remote graphics solutions. RapidFire uses dedicated cloud hardware and software to deliver multiple HD game streams from a single GPU with low latency. It has four independent components - the server, network, client, and user interface. The server performs GPU encoding of the desktop into an H264 video stream. The stream is sent to the client over the network, where it is decoded by the client hardware and displayed in the UI. RapidFire is designed to work across different hardware and support various use cases and workflows.
This document provides an introduction to the CUDA parallel computing platform from NVIDIA. It discusses the CUDA hardware capabilities including GPUDirect, Dynamic Parallelism, and HyperQ. It then outlines three main programming approaches for CUDA: using libraries, OpenACC directives, and programming languages. It provides examples of libraries like cuBLAS and cuRAND. For OpenACC, it shows how to add directives to existing Fortran/C code to parallelize loops. And for languages, it lists supports like CUDA C/C++, CUDA Fortran, Python with PyCUDA etc. The document aims to provide developers with maximum flexibility in choosing the best approach to accelerate their applications using CUDA and GPUs.
MM-4092, Optimizing FFMPEG and Handbrake Using OpenCL and Other AMD HW Capabi...AMD Developer Central
This document discusses optimizing FFmpeg and Handbrake using OpenCL. It describes FFmpeg as a popular open-source multimedia software library used for recording, converting, and streaming audio and video. It was optimized to leverage heterogeneous computing by accelerating video decoding and encoding using hardware accelerators and accelerating video processing filters using the GPU. Specific filters were implemented in OpenCL for improved performance compared to CPU. Performance tests showed the accelerated FFmpeg approach achieved significantly higher frame rates than the original CPU-only FFmpeg.
The document provides an overview of GPU computing and CUDA programming. It discusses how GPUs enable massively parallel and affordable computing through their manycore architecture. The CUDA programming model allows developers to accelerate applications by launching parallel kernels on the GPU from their existing C/C++ code. Kernels contain many concurrent threads that execute the same code on different data. CUDA features a memory hierarchy and runtime for managing GPU memory and launching kernels. Overall, the document introduces GPU and CUDA concepts for general-purpose parallel programming on NVIDIA GPUs.
For the full video of this presentation, please visit:
http://www.embedded-vision.com/platinum-members/altera/embedded-vision-training/videos/pages/may-2015-embedded-vision-summit
For more information about embedded vision, please visit:
http://www.embedded-vision.com
Deshanand Singh, Director of Software Engineering at Altera, presents the "Efficient Implementation of Convolutional Neural Networks using OpenCL on FPGAs" tutorial at the May 2015 Embedded Vision Summit.
Convolutional neural networks (CNN) are becoming increasingly popular in embedded applications such as vision processing and automotive driver assistance systems. The structure of CNN systems is characterized by cascades of FIR filters and transcendental functions. FPGA technology offers a very efficient way of implementing these structures by allowing designers to build custom hardware datapaths that implement the CNN structure. One challenge of using FPGAs revolves around the design flow that has been traditionally centered around tedious hardware description languages.
In this talk, Deshanand gives a detailed explanation of how CNN algorithms can be expressed in OpenCL and compiled directly to FPGA hardware. He gives detail on code optimizations and provides comparisons with the efficiency of hand-coded implementations.
For the full video of this presentation, please visit:
http://www.embedded-vision.com/platinum-members/arm/embedded-vision-training/videos/pages/may-2016-embedded-vision-summit-iodice
For more information about embedded vision, please visit:
http://www.embedded-vision.com
Gian Marco Iodice, Software Engineer at ARM, presents the "Using SGEMM and FFTs to Accelerate Deep Learning" tutorial at the May 2016 Embedded Vision Summit.
Matrix Multiplication and the Fast Fourier Transform are numerical foundation stones for a wide range of scientific algorithms. With the emergence of deep learning, they are becoming even more important, particularly as use cases extend into mobile and embedded devices. In this presentation, lodice discusses and analyzes how these two key, computationally-intensive algorithms can be used to gain significant performance improvements for convolutional neural network (CNN) implementations.
After a brief introduction to the nature of CNN computations, Iodice explores the use of GEMM (General Matrix Multiplication) and mixed-radix FFTs to accelerate 3D convolution. He shows examples of OpenCL implementations of these functions and highlights their advantages, limitations and trade-offs. Central to the techniques explored is an emphasis on cache-efficient memory accesses and the crucial role of reduced-precision data types.
GPUs are specialized processors designed for graphics processing. CUDA (Compute Unified Device Architecture) allows general purpose programming on NVIDIA GPUs. CUDA programs launch kernels across a grid of blocks, with each block containing multiple threads that can cooperate. Threads have unique IDs and can access different memory types including shared, global, and constant memory. Applications that map well to this architecture include physics simulations, image processing, and other data-parallel workloads. The future of CUDA includes more general purpose uses through GPGPU and improvements in virtual memory, size, and cooling.
Rendering Battlefield 4 with Mantle by Johan Andersson - AMD at GDC14AMD Developer Central
Johan Andersson will show how the Frostbite 3 game engine is using the low-level graphics API Mantle to deliver significantly improved performance in Battlefield 4 on PC and future games from Electronic Arts in this presentation from the 2014 Game Developers Conference in San Francisco March 17-21. Also view this and other presentations on our developer website at http://developer.amd.com/resources/documentation-articles/conference-presentations/
Use Variable Rate Shading (VRS) to Improve the User Experience in Real-Time G...Intel® Software
Variable-rate shading (VRS) is a new feature of Microsoft DirectX* 12 and is supported on the 11th generation of Intel® graphics hardware. Get an overview and learn best practices, recommendations, and how to modify traditional 3D effects to take advantage of VRS.
HC-4020, Enhancing OpenCL performance in AfterShot Pro with HSA, by Michael W...AMD Developer Central
Presentation Hc-4020, Enhancing OpenCL performance in AfterShot Pro with HSA, by Michael Wootton at the AMD Developer Summit (APU13) November 11-13, 2013.
The document summarizes a presentation given by Stephan Hodes on optimizing performance for AMD's Graphics Core Next (GCN) architecture. The presentation covers key aspects of the GCN architecture, including compute units, registers, and latency hiding. It then provides a top 10 list of performance advice for GCN, such as using DirectCompute threads in groups of 64, avoiding over-tessellation, keeping shader pipelines short, and batching drawing calls.
PANDEMONIUM: Automated Identification of Cryptographic Algorithms using Dynam...CODE BLUE
Malware utilize many cryptographic algorithms.
To fight against malware, analysts have to reveal details on malware activities.
Accordingly, it is important to identify cryptographic algorithms used in malware.
In this track, I propose a faster and extensible method to automatically detect known cryptographic algorithms in malware using dynamic binary instrumentation and fuzzy hashing.
Georgy Nosenko - An introduction to the use SMT solvers for software securityDefconRussia
The document discusses how SMT solvers can be used for software security applications such as bug hunting, exploit generation, protection analysis, and malware analysis by modeling portions of code or algorithms as logical formulas that can then be analyzed using an SMT solver to prove properties or generate inputs. It provides examples of how SMT solvers have been used to find integer overflows, help with program verification, and aid in defeating simple hashing algorithms.
How to do Cryptography right in Android Part OneArash Ramez
This document provides an overview of cryptography concepts and best practices for implementing cryptography securely in Android applications. It discusses encryption algorithms like AES and RSA, key management practices, and the Android Keystore system which allows storing cryptographic keys in a hardware-backed secure container. It highlights that the hardest part of encryption is key management and outlines practices to avoid like storing keys with encrypted data or in plain text in code.
This document discusses information security and ethical hacking. It provides an overview of common security threats like viruses, worms, Trojan horses, and keyloggers. It then demonstrates how to conduct various hacking techniques like cracking passwords, creating viruses, exploiting SQL injection vulnerabilities, and performing phishing attacks. The document encourages learning these hacking methods but also provides some tips for security like using antivirus software and firewalls, as well as how to identify phishing emails and attacks.
This document discusses the RSA network security approach. It begins with an introduction to RSA, describing how it uses large prime numbers and exponentiation to encrypt and decrypt messages. It also discusses how RSA can be used for both encryption and digital signatures to provide authentication. The document then covers symmetric and public key cryptography concepts before focusing more on the specifics of the RSA algorithm and its use for secure network communications.
SAST, CWE, SEI CERT and other smart words from the information security worldAndrey Karpov
This document discusses static application security testing (SAST) and how it can help detect vulnerabilities in code. It provides background on how code bases and error densities are growing over time. It then discusses various standards and classifications for weaknesses and vulnerabilities, such as CWE, CVE, MISRA, and SEI CERT. It emphasizes that SAST tools can help detect vulnerabilities early and provide coverage of entire code bases, but may produce false positives. Finally, it suggests introducing SAST tools correctly through configuration, continuous integration, and addressing warnings as technical debt.
This document compares and analyzes various encryption algorithms based on different parameters such as key length, block size, security level, and encryption speed. It finds that Elliptic Curve Cryptography (ECC) and Blowfish algorithms provide the highest levels of security while also having fast encryption speeds. Of the two, Blowfish is considered the best choice as no successful attacks have been made against it so far. Blowfish is also analyzed in more depth, with its structure, security features, and advantages over other algorithms like AES described. References are provided to support the analysis and conclusions.
Analysis of symmetric key cryptographic algorithmsIRJET Journal
This document analyzes and compares several symmetric key cryptographic algorithms. It begins with an introduction about the importance of data security and encryption. Then it provides an overview of symmetric key cryptography and describes the basic process of using a shared secret key for encryption and decryption. The rest of the document summarizes and compares the most common symmetric algorithms including DES, 3DES, IDEA, AES, RC4, RC5, RC6, and Blowfish. It analyzes the key details of how each algorithm works including block size, number of rounds, and security issues. The conclusion is that symmetric key cryptography is important for data security and continues to be improved through ongoing research.
This document discusses optimizing computer vision algorithms on mobile platforms. It recommends first optimizing the algorithm itself before pursuing technical optimizations. Using SIMD instructions can provide a performance boost of up to 4x by processing multiple data elements simultaneously. Libraries can help with vectorization but may not be fully optimized; intrinsics provide more control but require platform-specific code. Handcrafting SIMD assembly code can yield the best performance but is also the most difficult. GPUs via OpenGL ES can provide over an order of magnitude speedup for tasks like image processing but come with limitations on mobile.
The document discusses cryptographic systems and symmetric cryptography. It defines cryptographic systems as methods for hiding data so only certain people can view it. Symmetric cryptography, also called secret key cryptography, uses a single key for both encryption and decryption. Common symmetric algorithms discussed include AES, DES, Triple DES, RC4, Blowfish and Twofish.
This document describes Tharindu Weerasinghe's MSc research project on developing a hybrid cipher by combining a block cipher and a stream cipher. It summarizes the background on block ciphers like DES and stream ciphers like RC4. It then describes the researcher's algorithm that first encrypts plaintext using 3DES (a block cipher) and then RC4 (a stream cipher), and decrypts in the reverse order. The document discusses the benefits of combining ciphers and addresses some vulnerabilities of using block and stream ciphers individually. It also mentions the researcher implemented the algorithm in Java and measured encryption/decryption times.
Media parsing is known as one of the weakest components of every consumer system. It often operates complex data structures in the most performant way possible, which is at odds with security requirements, such as attack surface minimization, compartmentalization, and privilege separation. Compared to other operating systems, video decoding on MacOS/iOS is an interesting case for two different reasons. First, instead of running in usermode, a considerable portion of format parsing is implemented in a kernel extension called AppleAVD, exposing the kernel to additional remote attack vectors. Second, recent anonymous reports suggest that AppleAVD may have been exploited in the wild. Our talk investigates AppleAVD kernel extension in-depth, covering video decoding subsystem internals, analysis of vulnerabilities, and ways to exploit them.
Overview on Cryptography and Network SecurityDr. Rupa Ch
These slides give some overview on the the concepts which were in Crytography and network security. I have prepared these slides by the experiece after refer the text bbok as well as resources from the net. Added figures directly from the references. I would like to acknowledge all the authors by originally.
Live Memory Forensics on Android devicesNikos Gkogkos
This presentation deals with some RAM forensics on the Android OS using the LiME tool for getting a RAM dump and the Volatility framework for the analysis part!
This document provides information about cipher-based encryption in Java, including:
- It describes common cipher categories like block ciphers and stream ciphers, and symmetric vs asymmetric key algorithms.
- It explains the Cipher class in Java and algorithms supported like DES, Triple DES, and Blowfish. It also covers cipher modes like ECB, CBC, CFB and padding schemes.
- It provides details on how to use the Cipher class to initialize ciphers, encrypt/decrypt data by feeding it in blocks, and obtaining results. It includes a sample code example.
- It discusses special considerations for initializing password-based ciphers that require a salt and iteration count.
Secure integration of cryptographic software. By modeling the variability in cryptography components, we help application developers configure the cryptography tasks they need. Presented at ONWARD! '15 in Pittsburgh.
Peter Gutmann Presentation - CSO Perspectives Roadshow Auckland 9th Mar 2015CSO_Presentations
The document discusses the NSA program BULLRUN, which aimed to weaken encryption standards and bypass encryption. It was funded $250-300 million per year, a bargain compared to other programs. The NSA pushed weak encryption standards like Dual_EC_DRBG and coerced companies into handing over encryption keys. In practice, the NSA hacked targets by exploiting other vulnerabilities rather than breaking encryption directly, as encryption is usually bypassed through simpler means. Metrics show that even weak crypto is rarely attacked when easier methods exist.
Similar to SE-4128, DRM: From software secrets to hardware protection, by Rod Schultz (20)
This document discusses new graphics APIs like DX12 and Vulkan that aim to provide lower overhead and more direct hardware access compared to earlier APIs. It covers topics like increased parallelism, explicit memory management using descriptor sets and pipelines, and best practices like batching draw calls and using multiple asynchronous queues. Overall, the new APIs allow more explicit control over GPU hardware for improved performance but require following optimization best practices around areas like parallelism, memory usage, and command batching.
AMD’s math libraries can support a range of programmers from hobbyists to ninja programmers. Kent Knox from AMD’s library team introduces you to OpenCL libraries for linear algebra, FFT, and BLAS, and shows you how to leverage the speed of OpenCL through the use of these libraries.
Review the material presented in the AMD Math libraries webinar in this deck.
For more:
Visit the AMD Developer Forums:http://devgurus.amd.com/welcome
Watch the replay: www.youtube.com/user/AMDDevCentral
Follow us on Twitter: https://twitter.com/AMDDevCentral
This is the slide deck from the popular "Introduction to Node.js" webinar with AMD and DevelopIntelligence, presented by Joshua McNeese. Watch our AMD Developer Central YouTube channel for the replay at https://www.youtube.com/user/AMDDevCentral.
An Introduction to OpenCL™ Programming with AMD GPUs - AMD & Acceleware WebinarAMD Developer Central
This deck presents highlights from the Introduction to OpenCL™ Programming Webinar presented by Acceleware & AMD on Sept. 17, 2014. Watch a replay of this popular webinar on the AMD Dev Central YouTube channel here: https://www.youtube.com/user/AMDDevCentral or here for the direct link: http://bit.ly/1r3DgfF
This Webinar explores a variety of new and updated features in Java 8, and discuss how these changes can positively impact your day-to-day programming.
Watch the video replay here: http://bit.ly/1vStxKN
Your Webinar presenter, Marnie Knue, is an instructor for Develop Intelligence and has taught Sun & Oracle certified Java classes, RedHat JBoss administration, Spring, and Hibernate. Marnie also has spoken at JavaOne.
The Small Batch (and other) solutions in Mantle API, by Guennadi Riguer, Mant...AMD Developer Central
This presentation discusses the Mantle API, what it is, why choose it, and abstraction level, small batch performance and platform efficiency.
Download the presentation from the AMD Developer website here: http://bit.ly/TrEUeC
The document is about an AMD and Microsoft Game Developer Day event held in Stockholm, Sweden on June 2, 2014. It provides the date and location of the event multiple times but no other details.
Mantle allows Battlefield 4 to significantly improve CPU and GPU performance compared to DirectX 11. The game utilizes Mantle's low-level access to optimize shader compilation, pipeline state management, asynchronous compute and memory handling. Multi-GPU rendering is supported through Alternate Frame Rendering where resources are duplicated and updated asynchronously across GPUs.
Low-level Shader Optimization for Next-Gen and DX11 by Emil PerssonAMD Developer Central
The document discusses low-level shader optimization techniques for next-generation consoles and DirectX 11 hardware. It provides lessons from last year on writing efficient shader code, and examines how modern GPU hardware has evolved over the past 7-8 years. Key points include separating scalar and vector work, using hardware-mapped functions like reciprocals and trigonometric functions, and being aware of instruction throughput and costs on modern GCN-based architectures.
The document repeatedly states that AMD and Microsoft held a Game Developer Day event in Stockholm, Sweden on June 2, 2014 to work with game developers.
Direct3D 12 aims to reduce CPU overhead and increase scalability across CPU cores by allowing developers greater control over the graphics pipeline. It optimizes pipeline state handling through pipeline state objects and reduces redundant resource binding by introducing descriptor heaps and tables. Command lists and bundles further improve performance by enabling parallel command list generation and reuse of draw commands.
Holy smoke! Faster Particle Rendering using Direct Compute by Gareth ThomasAMD Developer Central
The document discusses faster particle rendering using DirectCompute. It describes using the GPU for particle simulation by taking advantage of its parallel processing capabilities. It discusses using compute shaders to simulate particle behavior, handle collisions via the depth buffer, sort particles using bitonic sort, and render particles in tiles via DirectCompute to avoid overdraw from large particles. Tiled rendering involves culling particles, building per-tile particle indices, and sorting particles within each tile before shading them in parallel threads to composite onto the scene.
Computer Vision Powered by Heterogeneous System Architecture (HSA) by Dr. Ha...AMD Developer Central
Computer Vision Powered by Heterogeneous System Architecture (HSA) by Dr. Harris Gasparakis, AMD, at the Embedded Vision Alliance Summit, May 2014.
Harris Gasparakis, Ph.D., is AMD’s OpenCV manager. In addition to enhancing OpenCV with OpenCL acceleration, he is engaged in AMD’s Computer Vision strategic planning, ISVs, and AMD Ventures engagements, including technical leadership and oversight in the AMD Gesture product line. He holds a Ph.D. in theoretical high energy physics from YITP at SUNYSB. He is credited with enabling real-time volumetric visualization and analysis in Radiology Information Systems (Terarecon), including the first commercially available virtual colonoscopy system (Vital Images). He was responsible for cutting edge medical technology (Biosense Webster, Stereotaxis, Boston Scientific), incorporating image and signal processing with AI and robotic control.
Productive OpenCL Programming An Introduction to OpenCL Libraries with Array...AMD Developer Central
This document provides an overview of OpenCL libraries for GPU programming. It discusses specialized GPU libraries like clFFT for fast Fourier transforms and Random123 for random number generation. It also covers general GPU libraries like Bolt, OpenCV, and ArrayFire. ArrayFire is highlighted as it provides a flexible array data structure and hundreds of parallel functions across domains like image processing, machine learning, and linear algebra. It supports JIT compilation and data-parallel constructs like GFOR to improve performance.
RapidFire - the Easy Route to low Latency Cloud Gaming Solutions - AMD at GDC14AMD Developer Central
RapidFire is a dedicated cloud gaming hardware and software solution from AMD that aims to simplify integration and deliver more high-definition game streams per GPU with low latency. It utilizes AMD hardware on both the server and client sides. The API provides functions for encoding and decoding video and audio streams, capturing input events, and displaying frames with low latency for cloud gaming applications. Eureva has implemented RapidFire in their Swiich solution to virtualize and stream any DirectX or OpenGL game in real-time with ultra-low latency over existing networks.
Mantle and Nitrous - Combining Efficient Engine Design with a modern API - AM...AMD Developer Central
Oxide Games Partners Dan Baker and Tim Kipp will show you how to build a high throughput renderer using the Mantle API in this AMD technology presentation from the 2014 Game Developers Conference in San Francisco March 17-21. Also view this and other presentations on our developer website at http://developer.amd.com/resources/documentation-articles/conference-presentations/
This AMD technology presentation from the 2014 Game Developers Conference in San Francisco March 17-21 explains how Mantle features can enable developers to improve both CPU and GPU performance in their titles. Also view this and other presentations at http://developer.amd.com/resources/documentation-articles/conference-presentations/
A look at how new Direct3D advancements enhance efficiency and enable fully-threaded building of command buffers in this prentation from the 2014 Game Developers Conference in San Francisco March 17-21. Also view this and other presentations on our developer website at http://developer.amd.com/resources/documentation-articles/conference-presentations/
Bill explains some of the ways that the Vertex Shader can be used to improve performance by taking a fast path through the Vertex Shader rather than generating vertices with other parts of the pipeline in this AMD technology presentation from the 2014 Game Developers Conference in San Francisco March 17-21. Check out more technical presentations at http://developer.amd.com/resources/documentation-articles/conference-presentations/
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
“An Outlook of the Ongoing and Future Relationship between Blockchain Technologies and Process-aware Information Systems.” Invited talk at the joint workshop on Blockchain for Information Systems (BC4IS) and Blockchain for Trusted Data Sharing (B4TDS), co-located with with the 36th International Conference on Advanced Information Systems Engineering (CAiSE), 3 June 2024, Limassol, Cyprus.
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Full-RAG: A modern architecture for hyper-personalizationZilliz
Mike Del Balso, CEO & Co-Founder at Tecton, presents "Full RAG," a novel approach to AI recommendation systems, aiming to push beyond the limitations of traditional models through a deep integration of contextual insights and real-time data, leveraging the Retrieval-Augmented Generation architecture. This talk will outline Full RAG's potential to significantly enhance personalization, address engineering challenges such as data management and model training, and introduce data enrichment with reranking as a key solution. Attendees will gain crucial insights into the importance of hyperpersonalization in AI, the capabilities of Full RAG for advanced personalization, and strategies for managing complex data integrations for deploying cutting-edge AI solutions.
AI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdfTechgropse Pvt.Ltd.
In this blog post, we'll delve into the intersection of AI and app development in Saudi Arabia, focusing on the food delivery sector. We'll explore how AI is revolutionizing the way Saudi consumers order food, how restaurants manage their operations, and how delivery partners navigate the bustling streets of cities like Riyadh, Jeddah, and Dammam. Through real-world case studies, we'll showcase how leading Saudi food delivery apps are leveraging AI to redefine convenience, personalization, and efficiency.
Generating privacy-protected synthetic data using Secludy and MilvusZilliz
During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
CAKE: Sharing Slices of Confidential Data on BlockchainClaudio Di Ciccio
Presented at the CAiSE 2024 Forum, Intelligent Information Systems, June 6th, Limassol, Cyprus.
Synopsis: Cooperative information systems typically involve various entities in a collaborative process within a distributed environment. Blockchain technology offers a mechanism for automating such processes, even when only partial trust exists among participants. The data stored on the blockchain is replicated across all nodes in the network, ensuring accessibility to all participants. While this aspect facilitates traceability, integrity, and persistence, it poses challenges for adopting public blockchains in enterprise settings due to confidentiality issues. In this paper, we present a software tool named Control Access via Key Encryption (CAKE), designed to ensure data confidentiality in scenarios involving public blockchains. After outlining its core components and functionalities, we showcase the application of CAKE in the context of a real-world cyber-security project within the logistics domain.
Paper: https://doi.org/10.1007/978-3-031-61000-4_16
Your One-Stop Shop for Python Success: Top 10 US Python Development Providersakankshawande
Simplify your search for a reliable Python development partner! This list presents the top 10 trusted US providers offering comprehensive Python development services, ensuring your project's success from conception to completion.
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Infrastructure Challenges in Scaling RAG with Custom AI modelsZilliz
Building Retrieval-Augmented Generation (RAG) systems with open-source and custom AI models is a complex task. This talk explores the challenges in productionizing RAG systems, including retrieval performance, response synthesis, and evaluation. We’ll discuss how to leverage open-source models like text embeddings, language models, and custom fine-tuned models to enhance RAG performance. Additionally, we’ll cover how BentoML can help orchestrate and scale these AI components efficiently, ensuring seamless deployment and management of RAG systems in the cloud.
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxSitimaJohn
Ocean Lotus cyber threat actors represent a sophisticated, persistent, and politically motivated group that poses a significant risk to organizations and individuals in the Southeast Asian region. Their continuous evolution and adaptability underscore the need for robust cybersecurity measures and international cooperation to identify and mitigate the threats posed by such advanced persistent threat groups.
7. Security and DRM are
made of the same blocks
• Same Encryption algorithms
• Same Protocols
• Same Key exchange mechanisms
• Environments each run in (security vs
DRM) are very different
• What they are designed to protect are
different
15. Why have we not seen
this in the movie industry?
• Different types of content have different
business models
• What movie won the best picture in 2010?
• When’s the last time you watched it?
16.
17. • Movies are usually watched once
• Music is listened to over and over
• Music has transitioned from scarcity of product
(CDs and tracks) to scarcity of experience
(concerts)
• Music artists have switched to a new revenue
stream
• The movie industry still relies on scarcity of
product and delivers that to you via different
mechanisms
Consumption of music and movies
is different
27. Key Takeaway for DRM:
Good software design is not
necessarily good DRM design
Module 1 Module 2 Module 3
Module 4 Module 5 Module 6
Module 1
Module 2
Module 3
Module 4
Module 5
Module 6
28. • The fundamental building block of
protection in a DRM is encryption/
decryption
• Mathematically protect the assets you want
to control
To build a DRM
you need cryptography
33. Traditional Cryptography:
• Design of algorithms and protocols to
protect a communication channel (secret
messages, credit cards...)
• End points are assumed to be trusted and
safe
• Attacker has access to what it can capture
on the wire
• Delivery of key to end points is very hard
Trusted(End(
Point
Trusted(End(
Point
Untrusted(World(/(
Untrusted(Network
Secret&Key Secret&Key
34.
35. Dear NSA,
Please stop listening to my fu**ing phone calls.
Love,
Angela Merkel ....................../´¯/) !
....................,/¯../ !
.................../..../ !
............./´¯/'...'/´¯¯`·¸ !
........../'/.../..../......./¨¯ !
........('(...´...´.... ¯~/'...') !
..........................'...../ !
..........''............. _.·´ !
..........................( !
..............................!
Let’s create a secret message and see
how it would be traditionally
attacked:
36. Translate text to ASCII
This:
Dear NSA, Please stop listening to my fu**ing
phone calls. Love,Angela Merkel
Becomes this:
44 65 61 72 20 4E 53 41 2C 20 50
6C 65 61 73 65 20 73 74 6F 70 20
6C 69 73 74 65 6E 69 6E 67 20 74
6F 20 6D 79 20 66 75 63 6B 69 6E
67 20 70 68 6F 6E 65 20 63 61 6C
6C 73 2E 20 4C 6F 76 65 2C 20 41
6E 67 65 6C 61 20 4D 65 72 6B 65
37. Now we need to encrypt it
• Can encrypt with any algorithm that both
the sender and receiver have
• We will use the NIST algorithm:AES
• Use a standard encryption algorithm so
that only the key needs to be exchanged
between the sender and receiver
38. Details of AES
• Advanced Encryption System
• Symmetric key algorithm that comes in
three flavors: 128, 192, and 256 bit
• Those bit lengths represent the length of
the keys
• Would take 1 billion billion years to force
break 128 bit AES
39. Now encrypt the message with 128 bit AES
(Operates on 16 byte blocks)
Plain Text:
44 65 61 72 20 4E 53 41 2C 20 50 6C 65 61 73 65
Key:
00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F
Cipher Text:
0D 1E 8A C7 87 B2 14 9D 47 A2 71 3D 2D 27 1F 5E
Plain&Text
Key
Cryptographic&
Algorithm Ciphertext
Message&
to&encrypt
Encrypted&
Message
40. How would the NSA
attack this?
• Attacker lives in the untrusted world
• Assume the message is intercepted
• The more messages the secret key is used
to protect, the more at risk the key is for
discovery
Trusted(End(
Point
Trusted(End(
Point
Untrusted(World(/(
Untrusted(Network
44. The DRM threat model:
• Attacker has total visibility into the system
and cryptographic algorithm
• Binary is completely visible to an attacker
• Attacker has full control over the
execution environment (CPU calls, memory
registers...)
• If you want a point of trust in the system,
you must build
45. Components of an
encryption algorithm
• Code that defines the algorithm
• Variables and constants of the algorithm
• Encryption/Decryption key (a special type
of variable)
• The key determines the behavior of the
algorithm
46. At any time the algorithm that is running in software is in one
of three states:
!
1. Stored on disk
2. Loaded into memory
3. Executing
On#Disk In#Memory Execu3ng
47. On#Disk In#Memory Execu3ng
State of the algorithm determines the best way to protect it
• The closer you get to the CPU with the algorithm,
the harder it is to protect it
• As you move to the CPU, you can’t just protect, you
also need to hide things
Cryptographic,
Program
Code
(Algorithm)
Variables/
Constants
Key
51. Defense 1:
Disk Encryption
• Very secure, as long as you never need to
actually run the algorithm
• The algorithm can’t be run in its encrypted
form (CPU won’t understand it)
• Only effective at static analysis attacks
52. Defense 2:
Code Obfuscation
• A defense against reverse engineering
• Modified source and machine code that is
difficult for a human to understand
53. Take code that looks like this:
{
toSub = (y<<4 ^ y>>5) + y ^ sum + k[sum>>11 & 3];
if(toSub > z)
{
// printf("Underflow toSub: 0x%0x current: 0x%0xn", toSub, z);
z = (MAX - toSub) + (z + 1);
}
else
z-= (y<<4 ^ y>>5) + y ^ sum + k[sum>>11 & 3];
sum -= delta;
toSub = (z<<4 ^ z>>5) + z ^ sum + k[sum & 3];
if(toSub > y)
y = (MAX - toSub) + (y + 1);
else
y-= (z<<4 ^ z>>5) + z ^ sum + k[sum & 3];
}
55. Defense 3:
Code Flattening
• Inputs and outputs of the algorithm are the
exact same
• Binds blocks of code into a single and very
difficult to understand monolithic block
• Used to force the attacker into spending
time pruning down the call tree
57. Switch
Block+1 Block+2 Block+3 Block+4 Block+5 Block+6 Block+7 Block+8
Condi7on
Input
Output
Control
Flow
Graph
A>er
Obfusca8on
and
Fla:ening
Have
Been
Added
To something much harder to
understand by a human:
58. Defense 4: Data Transforms
(Creating islands of trust in an
untrusted system)
59. • Map your data from one value to another (think
about it like changing the color of a number)
• Creates a mathematical barrier for the attacker
• That barrier is the boundary between your trusted
and untrusted world.
• Attacker must reverse engineer the transform
before they can get access to the true values
• Attacked by watching the CPU add and remove
transform values
60. When the attacker has
access to everything:
• Hiding a key in software is almost
impossible
• Hiding a standard cryptographic algorithm
in software is almost impossible
• Hiding a key + a standard cryptographic
algorithm is something that mathematicians
have figured out how to do
61. Defense 5:
White-box Cryptography
• A technique that allows you to hide a key
inside an algorithm
• First published in late 2002
• The breakthrough mathematical technique
that makes software DRMs possible
64. What is this really doing?
• It applies a mathematical transform to our
numbers
• Multiplication:The mathematical operation
of scaling one number by another
• Generally taught to children using a lookup
table (the times tables)
65. Why is this so cool?
• It allows us to ‘embed’ a mathematical
transform into a lookup table
• As we do our lookup, the transform is
magically applied
• Map numbers into different spaces, while
executing the encryption algorithm
• We don’t even need to know the math
70. As we move from box to box, we apply
transforms and then migrate to new ones
White&Box*AES
S1 S2
MC1 MC2
A1 A2
S3
MC3
A3
Input
AES*Output
Shi*
71. There is one very important
dependency
• For white-boxing to really work, the input
needs to have a transform already on it
• This works well for DRM, content already
has a transform on it (encryption)
73. Costs of using these
DRM defenses
• White-box cryptography increases the
binary size
• Obfuscation increases the binary size
• Execution of a cryptographic algorithm in
white-box form is very slow
• When viewed in context of video, slow
decryption can slow the video decode
74. Hardware DRM
• No need to use white-box encryption
• Keys and algorithms are protected inside of
hardware
• Faster decrypt performance
76. What we get
• A trust point has been created in the
system using AMD hardware protection
• Hide secrets inside of the hardware instead
of hiding them in white-boxes
• Execution of crypto algorithms in hardware
is much faster than white-box
77. The most important step
is seeding the root key
• AMD provisions the root DRM key into
the the HW
• The root key is used as the base protection
for all keys
78. Hardware Protection
DRM Key
(AES, RSA, ECC)
Machine Key
(1024 bit RSA)
Domain Key
(1024 bit RSA)
Key Encryption
Key(128 bit AES)
Content Encryption
Key
(128 bit AES)
Rotation Key
(128 bit AES)
Shared Domain
Keys
(1024 RSA)
Adobe Primetime HW DRM on AMD
Hardware
Remember keys protecting keys protecting
keys?
80. Some gory details on HW DRM
• Software pushes encrypted keys down into
hardware
• Software pushes down encrypted content +
an index to get back decrypted content
• Because the root key is protected all the way
down to the HW, no key is exposed in SW
81. Video Playback Engine
(Flash Player, AIR, AVE)
Machine Key
SOC
Adobe Access DRM
HW Crypto
Audio Codec
Access Indiv Server
A/V Sync
Composite
Display
Controller
Content
Server
1
4
7
Disk
Storage
Video Codec
Video Player
2 3
License
Server
8
9
Machine Key
License
License
11
12
13
5
6
10
14
Decrypted
Video Samples
Decrypted
Audio Samples
15
16
License
Translation
Machine Key
Provisioned
DRM Key
Machine Key
Overall
Architecture