Showing 1–2 of 2 results for author: Bronshtein, E

No SQL, No Injection? Examining NoSQL Security

Authors: Aviv Ron, Alexandra Shulman-Peleg, Emanuel Bronshtein

Abstract: NoSQL data storage systems have become very popular due to their scalability and ease of use. This paper examines the maturity of security measures for NoSQL databases, addressing their new query and access mechanisms. For example the emergence of new query formats makes the old SQL injection techniques irrelevant, but are NoSQL databases immune to injection in general? The answer is NO. Here we p… ▽ More NoSQL data storage systems have become very popular due to their scalability and ease of use. This paper examines the maturity of security measures for NoSQL databases, addressing their new query and access mechanisms. For example the emergence of new query formats makes the old SQL injection techniques irrelevant, but are NoSQL databases immune to injection in general? The answer is NO. Here we present a few techniques for attacking NoSQL databases such as injections and CSRF. We analyze the source of these vulnerabilities and present methodologies to mitigate the attacks. We show that this new vibrant technological area lacks the security measures and awareness which have developed over the years in traditional RDBMS SQL systems. △ Less

Submitted 12 June, 2015; originally announced June 2015.

Comments: In Proceedings of the 9th Workshop on Web 2.0 Security and Privacy (W2SP) 2015

Improved estimation of anomalous diffusion exponents in single particle tracking experiments

Authors: Eldad Kepten Irena Bronshtein, Yuval Garini

Abstract: The Mean Square Displacement is a central tool in the analysis of Single Particle Tracking experiments, shedding light on various biophysical phenomena. Frequently, parameters are extracted by performing time-averages on single particle trajectories followed by ensemble averaging. This procedure however, suffers from two systematic errors when applied to particles that perform anomalous diffusion.… ▽ More The Mean Square Displacement is a central tool in the analysis of Single Particle Tracking experiments, shedding light on various biophysical phenomena. Frequently, parameters are extracted by performing time-averages on single particle trajectories followed by ensemble averaging. This procedure however, suffers from two systematic errors when applied to particles that perform anomalous diffusion. The first is significant at short time lags and is induced by measurement errors. The second arises from the natural heterogeneity in biophysical systems. We show how to estimate and correct these two errors and improve the estimation of the anomalous parameters for the whole particle distribution. As a consequence we manage to characterize ensembles of heterogeneous particles even for rather short and noisy measurements where regular time averaged mean square displacement analysis fails. We apply this method to both simulations and in vivo measurements of telomere diffusion in 3T3 mouse embryonic fibroblast cells. The motion of telomeres is found to be subdiffusive with an average exponent constant in time. Individual telomere exponents are normally distributed around the average exponent. The proposed methodology has the potential to improve experimental accuracy while maintaining lower experimental costs and complexity. △ Less

Submitted 16 May, 2013; v1 submitted 4 December, 2012; originally announced December 2012.

Comments: 13 pages, 4 figures

Journal ref: Phys. Rev. E 87, 052713 (2013) [10 pages]