Visible to the public Biblio

Found 864 results

Filters: First Letter Of Title is T  [Clear All Filters]
A B C D E F G H I J K L M N O P Q R S [T] U V W X Y Z   [Show ALL]
Liu, Q., Wu, W., Liu, Q., Huangy, Q..  2020.  T2DNS: A Third-Party DNS Service with Privacy Preservation and Trustworthiness. 2020 29th International Conference on Computer Communications and Networks (ICCCN). :1–11.
We design a third-party DNS service named T2DNS. T2DNS serves client DNS queries with the following features: protecting clients from channel and server attackers, providing trustworthiness proof to clients, being compatible with the existing Internet infrastructure, and introducing bounded overhead. T2DNS's privacy preservation is achieved by a hybrid protocol of encryption and obfuscation, and its service proxy is implemented on Intel SGX. We overcome the challenges of scaling the initialization process, bounding the obfuscation overhead, and tuning practical system parameters. We prototype T2DNS, and experiment results show that T2DNS is fully functional, has acceptable overhead in comparison with other solutions, and is scalable to the number of clients.
Di Noia, Tommaso, Malitesta, Daniele, Merra, Felice Antonio.  2020.  TAaMR: Targeted Adversarial Attack against Multimedia Recommender Systems. 2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W). :1–8.
Deep learning classifiers are hugely vulnerable to adversarial examples, and their existence raised cybersecurity concerns in many tasks with an emphasis on malware detection, computer vision, and speech recognition. While there is a considerable effort to investigate attacks and defense strategies in these tasks, only limited work explores the influence of targeted attacks on input data (e.g., images, textual descriptions, audio) used in multimedia recommender systems (MR). In this work, we examine the consequences of applying targeted adversarial attacks against the product images of a visual-based MR. We propose a novel adversarial attack approach, called Target Adversarial Attack against Multimedia Recommender Systems (TAaMR), to investigate the modification of MR behavior when the images of a category of low recommended products (e.g., socks) are perturbed to misclassify the deep neural classifier towards the class of more recommended products (e.g., running shoes) with human-level slight images alterations. We explore the TAaMR approach studying the effect of two targeted adversarial attacks (i.e., FGSM and PGD) against input pictures of two state-of-the-art MR (i.e., VBPR and AMR). Extensive experiments on two real-world recommender fashion datasets confirmed the effectiveness of TAaMR in terms of recommendation lists changing while keeping the original human judgment on the perturbed images.
Issa, H., Tar, J. K..  2020.  Tackling Actuator Saturation in Fixed Point Iteration-based Adaptive Control. 2020 IEEE 14th International Symposium on Applied Computational Intelligence and Informatics (SACI). :000221–000226.
The limited output of various drives means a challenge in controller design whenever the acceleration need of the "nominal trajectory to be tracked" temporarily exceeds the abilities of the saturated control system. The prevailing control design methods can tackle this problem either in a single theoretical step or in two consecutive steps. In this latter case in the first step the design happens without taking into account the actuator constraints, then apply a saturation compensator if the phenomenon of windup is observed. In the Fixed Point Iteration- based Adaptive Control (FPIAC) that has been developed as an alternative of the Lyapunov function-based approach the actuator saturation causes problems in its both elementary levels: in the kinematic/kinetic level where the desired acceleration is calculated, and in the iterative process that compensates the effects of modeling errors of the dynamic system under control and that of the external disturbances. The here presented approach tackles this problem in both levels by relatively simple considerations. To illustrate the method's efficiency simulation investigations were done in the FPIAC control of a modification of the van der Pol oscillator to which an additional strongly nonlinear term was added.
Wheelus, C., Bou-Harb, E., Zhu, X..  2018.  Tackling Class Imbalance in Cyber Security Datasets. 2018 IEEE International Conference on Information Reuse and Integration (IRI). :229–232.
It is clear that cyber-attacks are a danger that must be addressed with great resolve, as they threaten the information infrastructure upon which we all depend. Many studies have been published expressing varying levels of success with machine learning approaches to combating cyber-attacks, but many modern studies still focus on training and evaluating with very outdated datasets containing old attacks that are no longer a threat, and also lack data on new attacks. Recent datasets like UNSW-NB15 and SANTA have been produced to address this problem. Even so, these modern datasets suffer from class imbalance, which reduces the efficacy of predictive models trained using these datasets. Herein we evaluate several pre-processing methods for addressing the class imbalance problem; using several of the most popular machine learning algorithms and a variant of UNSW-NB15 based upon the attributes from the SANTA dataset.
Yaseen, Q., Panda, B..  2012.  Tackling Insider Threat in Cloud Relational Databases. 2012 IEEE Fifth International Conference on Utility and Cloud Computing. :215—218.
Cloud security is one of the major issues that worry individuals and organizations about cloud computing. Therefore, defending cloud systems against attacks such asinsiders' attacks has become a key demand. This paper investigates insider threat in cloud relational database systems(cloud RDMS). It discusses some vulnerabilities in cloud computing structures that may enable insiders to launch attacks, and shows how load balancing across multiple availability zones may facilitate insider threat. To prevent such a threat, the paper suggests three models, which are Peer-to-Peer model, Centralized model and Mobile-Knowledgebase model, and addresses the conditions under which they work well.
Hassan, Wajih Ul, Bates, Adam, Marino, Daniel.  2020.  Tactical Provenance Analysis for Endpoint Detection and Response Systems. 2020 IEEE Symposium on Security and Privacy (SP). :1172–1189.
Endpoint Detection and Response (EDR) tools provide visibility into sophisticated intrusions by matching system events against known adversarial behaviors. However, current solutions suffer from three challenges: 1) EDR tools generate a high volume of false alarms, creating backlogs of investigation tasks for analysts; 2) determining the veracity of these threat alerts requires tedious manual labor due to the overwhelming amount of low-level system logs, creating a "needle-in-a-haystack" problem; and 3) due to the tremendous resource burden of log retention, in practice the system logs describing long-lived attack campaigns are often deleted before an investigation is ever initiated.This paper describes an effort to bring the benefits of data provenance to commercial EDR tools. We introduce the notion of Tactical Provenance Graphs (TPGs) that, rather than encoding low-level system event dependencies, reason about causal dependencies between EDR-generated threat alerts. TPGs provide compact visualization of multi-stage attacks to analysts, accelerating investigation. To address EDR's false alarm problem, we introduce a threat scoring methodology that assesses risk based on the temporal ordering between individual threat alerts present in the TPG. In contrast to the retention of unwieldy system logs, we maintain a minimally-sufficient skeleton graph that can provide linkability between existing and future threat alerts. We evaluate our system, RapSheet, using the Symantec EDR tool in an enterprise environment. Results show that our approach can rank truly malicious TPGs higher than false alarm TPGs. Moreover, our skeleton graph reduces the long-term burden of log retention by up to 87%.
Hou, Dai, Han, Hao, Novak, Ed.  2020.  TAES: Two-factor Authentication with End-to-End Security against VoIP Phishing. 2020 IEEE/ACM Symposium on Edge Computing (SEC). :340—345.
In the current state of communication technology, the abuse of VoIP has led to the emergence of telecommunications fraud. We urgently need an end-to-end identity authentication mechanism to verify the identity of the caller. This paper proposes an end-to-end, dual identity authentication mechanism to solve the problem of telecommunications fraud. Our first technique is to use the Hermes algorithm of data transmission technology on an unknown voice channel to transmit the certificate, thereby authenticating the caller's phone number. Our second technique uses voice-print recognition technology and a Gaussian mixture model (a general background probabilistic model) to establish a model of the speaker to verify the caller's voice to ensure the speaker's identity. Our solution is implemented on the Android platform, and simultaneously tests and evaluates transmission efficiency and speaker recognition. Experiments conducted on Android phones show that the error rate of the voice channel transmission signature certificate is within 3.247 %, and the certificate signature verification mechanism is feasible. The accuracy of the voice-print recognition is 72%, making it effective as a reference for identity authentication.
Małowidzki, Marek, Hermanowski, Damian, Bereziński, Przemysław.  2019.  TAG: Topological Attack Graph Analysis Tool. 2019 3rd Cyber Security in Networking Conference (CSNet). :158–160.
Attack graphs are a relatively new - at least, from the point of view of a practical usage - method for modeling multistage cyber-attacks. They allow to understand how seemingly unrelated vulnerabilities may be combined together by an attacker to form a chain of hostile actions that enable to compromise a key resource. An attack graph is also the starting point for providing recommendations for corrective actions that would fix or mask security problems and prevent the attacks. In the paper, we propose TAG, a topological attack graph analysis tool designed to support a user in a security evaluation and countermeasure selection. TAG employs an improved version of MulVAL inference engine, estimates a security level on the basis of attack graph and attack paths scoring, and recommends remedial actions that improve the security of the analyzed system.
Donkers, Tim, Loepp, Benedikt, Ziegler, Jürgen.  2016.  Tag-Enhanced Collaborative Filtering for Increasing Transparency and Interactive Control. Proceedings of the 2016 Conference on User Modeling Adaptation and Personalization. :169–173.
To increase transparency and interactive control in Recommender Systems, we extended the Matrix Factorization technique widely used in Collaborative Filtering by learning an integrated model of user-generated tags and latent factors derived from user ratings. Our approach enables users to manipulate their preference profile expressed implicitly in the (intransparent) factor space through explicitly presented tags. Furthermore, it seems helpful in cold-start situations since user preferences can be elicited via meaningful tags instead of ratings. We evaluate this approach and present a user study that to our knowledge is the most extensive empirical study of tag-enhanced recommending to date. Among other findings, we obtained promising results in terms of recommendation quality and perceived transparency, as well as regarding user experience, which we analyzed by Structural Equation Modeling.
Yi-Hui Chen, Chi-Shiang Chan, Po-Yu Hsu, Wei-Lin Huang.  2014.  Tagged visual cryptography with access control. Multimedia and Expo Workshops (ICMEW), 2014 IEEE International Conference on. :1-5.

Visual cryptography is a way to encrypt the secret image into several meaningless share images. Noted that no information can be obtained if not all of the shares are collected. Stacking the share images, the secret image can be retrieved. The share images are meaningless to owner which results in difficult to manage. Tagged visual cryptography is a skill to print a pattern onto meaningless share images. After that, users can easily manage their own share images according to the printed pattern. Besides, access control is another popular topic to allow a user or a group to see the own authorizations. In this paper, a self-authentication mechanism with lossless construction ability for image secret sharing scheme is proposed. The experiments provide the positive data to show the feasibility of the proposed scheme.

Saeed, Ahmed, Ahmadinia, Ali, Just, Mike.  2016.  Tag-Protector: An Effective and Dynamic Detection of Out-of-bound Memory Accesses. Proceedings of the Third Workshop on Cryptography and Security in Computing Systems. :31–36.

Programming languages permitting immediate memory accesses through pointers often result in applications having memory-related errors, which may lead to unpredictable failures and security vulnerabilities. A light-weight solution is presented in this paper to tackle such illegal memory accesses dynamically in C/C++ based applications. We propose a new and effective method of instrumenting an application's source code at compile time in order to detect out-of-bound memory accesses. It is based on creating tags, to be coupled with each memory allocation and then placing additional tag checking instructions for each access made to the memory. The proposed solution is evaluated by instrumenting applications from the BugBench benchmark suite and publicly available benchmark software, Runtime Intrusion Prevention Evaluator (RIPE), detecting all the bugs successfully. The performance and memory overhead is further analysed by instrumenting and executing real world applications.

Sun, Wei.  2021.  Taguard: Exposing the Location of Active Eavesdropper in Passive RFID System. 2021 IEEE International Conference on Pervasive Computing and Communications Workshops and other Affiliated Events (PerCom Workshops). :360—363.

This paper exploits the possibility of exposing the location of active eavesdropper in commodity passive RFID system. Such active eavesdropper can activate the commodity passive RFID tags to achieve data eavesdropping and jamming. In this paper, we show that these active eavesdroppers can be significantly detrimental to the commodity passive RFID system on RFID data security and system feasibility. We believe that the best way to defeat the active eavesdropper in the commodity passive RFID system is to expose the location of the active eavesdropper and kick it out. To do so, we need to localize the active eavesdropper. However, we cannot extract the channel from the active eavesdropper, since we do not know what the active eavesdropper's transmission and the interference from the tag's backscattered signals. So, we propose an approach to mitigate the tag's interference and cancel out the active eavesdropper's transmission to obtain the subtraction-and-division features, which will be used as the input of the machine learning model to predict the location of active eavesdropper. Our preliminary results show the average accuracy of 96% for predicting the active eavesdropper's position in four grids of the surveillance plane.

Liu, Xin, London, Kati.  2016.  T.A.I: A Tangible AI Interface to Enhance Human-Artificial Intelligence (AI) Communication Beyond the Screen. Proceedings of the 2016 ACM Conference on Designing Interactive Systems. :281–285.

Social and emotional intelligence of computer systems is increasingly important in human-AI (Artificial Intelligence) interactions. This paper presents a tangible AI interface, T.A.I, that enhances physical engagement in digital communication between users and a conversational AI agent. We describe a compact, pneumatically shape-changing hardware design with a rich set of physical gestures that actuate on mobile devices during real-time conversations. Our user study suggests that the physical presence provided by T.A.I increased users' empathy for, and social connection with the virtual intelligent system, leading to an improved Human-AI communication experience.

Hiller, Jens, Pennekamp, Jan, Dahlmanns, Markus, Henze, Martin, Panchenko, Andriy, Wehrle, Klaus.  2019.  Tailoring Onion Routing to the Internet of Things: Security and Privacy in Untrusted Environments. 2019 IEEE 27th International Conference on Network Protocols (ICNP). :1–12.
An increasing number of IoT scenarios involve mobile, resource-constrained IoT devices that rely on untrusted networks for Internet connectivity. In such environments, attackers can derive sensitive private information of IoT device owners, e.g., daily routines or secret supply chain procedures, when sniffing on IoT communication and linking IoT devices and owner. Furthermore, untrusted networks do not provide IoT devices with any protection against attacks from the Internet. Anonymous communication using onion routing provides a well-proven mechanism to keep the relationship between communication partners secret and (optionally) protect against network attacks. However, the application of onion routing is challenged by protocol incompatibilities and demanding cryptographic processing on constrained IoT devices, rendering its use infeasible. To close this gap, we tailor onion routing to the IoT by bridging protocol incompatibilities and offloading expensive cryptographic processing to a router or web server of the IoT device owner. Thus, we realize resource-conserving access control and end-to-end security for IoT devices. To prove applicability, we deploy onion routing for the IoT within the well-established Tor network enabling IoT devices to leverage its resources to achieve the same grade of anonymity as readily available to traditional devices.
Chen, Jim Q..  2017.  Take the rein of cyber deterrence. 2017 International Conference on Cyber Conflict (CyCon U.S.). :29–35.
Deterrence is badly needed in the cyber domain but it is hard to be achieved. Why is conventional deterrence not working effectively in the cyber domain? What specific characteristics should be considered when deterrence strategies are developed in this man-made domain? These are the questions that this paper intends to address. The research conducted helps to reveal what cyber deterrence can do and what it cannot do so that focus can be put on the enhancement of what it can do. To include varied perspectives, literature review is conducted. Some research works are specifically examined. Based on these studies, this research proposes a holistic approach in cyber deterrence that is empowered by artificial intelligence and machine learning. This approach is capable of making sudden, dynamic, stealthy, and random changes initiated by different contexts. It is able to catch attackers by surprise. The surprising and changing impact inflicts a cost on attackers and makes them to re-calculate the benefits that they might gain through further attacks, thus discouraging or defeating adversaries both mentally and virtually, and eventually controlling escalation of cyber conflicts.
Castanhel, Gabriel R., Heinrich, Tiago, Ceschin, Fabrício, Maziero, Carlos.  2021.  Taking a Peek: An Evaluation of Anomaly Detection Using System calls for Containers. 2021 IEEE Symposium on Computers and Communications (ISCC). :1—6.
The growth in the use of virtualization in the last ten years has contributed to the improvement of this technology. The practice of implementing and managing this type of isolated environment raises doubts about the security of such systems. Considering the host's proximity to a container, approaches that use anomaly detection systems attempt to monitor and detect unexpected behavior. Our work aims to use system calls to identify threats within a container environment, using machine learning based strategies to distinguish between expected and unexpected behaviors (possible threats).
Nilă, Constantin, Patriciu, Victor.  2020.  Taking advantage of unsupervised learning in incident response. 2020 12th International Conference on Electronics, Computers and Artificial Intelligence (ECAI). :1–6.
This paper looks at new ways to improve the necessary time for incident response triage operations. By employing unsupervised K-means, enhanced by both manual and automated feature extraction techniques, the incident response team can quickly and decisively extrapolate malicious web requests that concluded to the investigated exploitation. More precisely, we evaluated the benefits of different visualization enhancing methods that can improve feature selection and other dimensionality reduction techniques. Furthermore, early tests of the gross framework have shown that the necessary time for triage is diminished, more so if a hybrid multi-model is employed. Our case study revolved around the need for unsupervised classification of unknown web access logs. However, the demonstrated principals may be considered for other applications of machine learning in the cybersecurity domain.
Thimmaraju, Kashyap, Shastry, Bhargava, Fiebig, Tobias, Hetzelt, Felicitas, Seifert, Jean-Pierre, Feldmann, Anja, Schmid, Stefan.  2018.  Taking Control of SDN-Based Cloud Systems via the Data Plane. Proceedings of the Symposium on SDN Research. :1:1-1:15.

Virtual switches are a crucial component of SDN-based cloud systems, enabling the interconnection of virtual machines in a flexible and "software-defined" manner. This paper raises the alarm on the security implications of virtual switches. In particular, we show that virtual switches not only increase the attack surface of the cloud, but virtual switch vulnerabilities can also lead to attacks of much higher impact compared to traditional switches. We present a systematic security analysis and identify four design decisions which introduce vulnerabilities. Our findings motivate us to revisit existing threat models for SDN-based cloud setups, and introduce a new attacker model for SDN-based cloud systems using virtual switches. We demonstrate the practical relevance of our analysis using a case study with Open vSwitch and OpenStack. Employing a fuzzing methodology, we find several exploitable vulnerabilities in Open vSwitch. Using just one vulnerability we were able to create a worm that can compromise hundreds of servers in a matter of minutes. Our findings are applicable beyond virtual switches: NFV and high-performance fast path implementations face similar issues. This paper also studies various mitigation techniques and discusses how to redesign virtual switches for their integration.

Shillair, Ruth.  2016.  Talking About Online Safety: A Qualitative Study Exploring the Cybersecurity Learning Process of Online Labor Market Workers. Proceedings of the 34th ACM International Conference on the Design of Communication. :21:1–21:9.

Technological changes bring great efficiencies and opportunities; however, they also bring new threats and dangers that users are often ill prepared to handle. Some individuals have training at work or school while others have family or friends to help them. However, there are few widely known or ubiquitous educational programs to inform and motivate users to develop safe cybersecurity practices. Additionally, little is known about learning strategies in this domain. Understanding how active Internet users have learned their security practices can give insight into more effective learning methods. I surveyed 800 online labor workers to discover their learning processes. They shared how they had to construct their own schema and negotiate meaning in a complex domain. Findings suggest a need to help users build a dynamic mental model of security. Participants recommend encouraging participatory and constructive learning, multi-model dissemination, and ubiquitous opportunities for learning security behaviors.

Janak, Jan, Retty, Hema, Chee, Dana, Baloian, Artiom, Schulzrinne, Henning.  2021.  Talking After Lights Out: An Ad Hoc Network for Electric Grid Recovery. 2021 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm). :181–187.
When the electrical grid in a region suffers a major outage, e.g., after a catastrophic cyber attack, a “black start” may be required, where the grid is slowly restarted, carefully and incrementally adding generating capacity and demand. To ensure safe and effective black start, the grid control center has to be able to communicate with field personnel and with supervisory control and data acquisition (SCADA) systems. Voice and text communication are particularly critical. As part of the Defense Advanced Research Projects Agency (DARPA) Rapid Attack Detection, Isolation, and Characterization Systems (RADICS) program, we designed, tested and evaluated a self-configuring mesh network prototype called the Phoenix Secure Emergency Network (PhoenixSEN). PhoenixSEN provides a secure drop-in replacement for grid's primary communication networks during black start recovery. The network combines existing and new technologies, can work with a variety of link-layer protocols, emphasizes manageability and auto-configuration, and provides services and applications for coordination of people and devices including voice, text, and SCADA communication. We discuss the architecture of PhoenixSEN and evaluate a prototype on realistic grid infrastructure through a series of DARPA-led exercises.
Milton, Richard, Buyuklieva, Boyana, Hay, Duncan, Hudson-Smith, Andy, Gray, Steven.  2018.  Talking to GNOMEs: Exploring Privacy and Trust Around Internet of Things Devices in a Public Space. Extended Abstracts of the 2018 CHI Conference on Human Factors in Computing Systems. :LBW632:1–LBW632:6.
Privacy issues can be difficult for end-users to understand and are therefore a key concern for information-sharing systems. This paper describes a deployment of fifteen Bluetooth-beacon-enabled 'creatures' spread across London's Queen Elizabeth Olympic Park, which initiate conversations on mobile phones in their vicinity via push notifications. Playing on the common assumption that neutral public settings promote anonymity, users' willingness to converse with personified chatbots is used as a proxy for understanding their inclination to share personal and potentially disclosing information. Each creature is linked to a conversational agent that asks for users' memories and their responses are then shared with other creatures in the network. This paper presents the design of an interactive device used to test users' awareness of how their information propagates to others.
Porcheron, Martin, Fischer, Joel E., McGregor, Moira, Brown, Barry, Luger, Ewa, Candello, Heloisa, O'Hara, Kenton.  2017.  Talking with Conversational Agents in Collaborative Action. Companion of the 2017 ACM Conference on Computer Supported Cooperative Work and Social Computing. :431–436.

This one-day workshop intends to bring together both academics and industry practitioners to explore collaborative challenges in speech interaction. Recent improvements in speech recognition and computing power has led to conversational interfaces being introduced to many of the devices we use every day, such as smartphones, watches, and even televisions. These interfaces allow us to get things done, often by just speaking commands, relying on a reasonably well understood single-user model. While research on speech recognition is well established, the social implications of these interfaces remain underexplored, such as how we socialise, work, and play around such technologies, and how these might be better designed to support collaborative collocated talk-in-action. Moreover, the advent of new products such as the Amazon Echo and Google Home, which are positioned as supporting multi-user interaction in collocated environments such as the home, makes exploring the social and collaborative challenges around these products, a timely topic. In the workshop, we will review current practices and reflect upon prior work on studying talk-in-action and collocated interaction. We wish to begin a dialogue that takes on the renewed interest in research on spoken interaction with devices, grounded in the existing practices of the CSCW community.

Remlein, Piotr, Rogacki, Mikołaj, Stachowiak, Urszula.  2020.  Tamarin software – the tool for protocols verification security. 2020 Baltic URSI Symposium (URSI). :118–123.
In order to develop safety-reliable standards for IoT (Internet of Things) networks, appropriate tools for their verification are needed. Among them there is a group of tools based on automated symbolic analysis. Such a tool is Tamarin software. Its usage for creating formal proofs of security protocols correctness has been presented in this paper using the simple example of an exchange of messages with asynchronous encryption between two agents. This model can be used in sensor networks or IoT e.g. in TLS protocol to provide a mechanism for secure cryptographic key exchange.
Qiao, Siyi, Hu, Chengchen, Guan, Xiaohong, Zou, Jianhua.  2016.  Taming the Flow Table Overflow in OpenFlow Switch. Proceedings of the 2016 ACM SIGCOMM Conference. :591–592.

SDN has become the wide area network technology, which the academic and industry most concerned about.The limited table sizes of today’s SDN switches has turned to the most prominent short planks in the network design implementation. TCAM based flow table can provide an excellent matching performance while it really costs much. Even the flow table overflow cannot be prevented by a fixed-capacity flow table. In this paper, we design FTS(Flow Table Sharing) mechanism that can improve the performance disaster caused by overflow. We demonstrate that FTS reduces both control messages quantity and RTT time by two orders of magnitude compared to current state-of-the-art OpenFlow table-miss handler.

Noor, Nafisa, Khan, Raihan Sayeed, Muneer, Sadid, Silva, Helena.  2019.  Tamper Evidence of SEM Imaging Attack in Phase Change Memory Nanodevices. 2019 IEEE 19th International Conference on Nanotechnology (IEEE-NANO). :400–404.

Breach of security due to unauthorized access to electronic hardware devices or chips has recently become a serious concern for the internet-connected daily activities. Imaging with electron microscopy is one of the invasive techniques used to gain knowledge about a chip layout and extract secret information by the attackers. Automatic destruction or disturbance of the secret key during such invasive attacks are required to ensure protection against these attacks. We have characterized the disturbance caused to programmed phase change memory (PCM) cells by the imaging electron beam during scanning electron microscopy (SEM) in terms of the measured cell resistance. A sudden increase of resistance is observed on all imaged amorphous cells while the cells programmed to intermediate states show either abrupt increase or erratic decrease. These erratic disturbances of state are promising to mislead an attacker that is trying to acquire a stored key and leave indelible marks of tampering. Since PCM is recently being considered for implementation of various hardware security primitives, these beam-induced state change and tamper-evidence features enhance security of PCM devices against physical attacks.