Sciweavers

Share
warning: Creating default object from empty value in /var/www/modules/taxonomy/taxonomy.module on line 1416.
SP
2009
IEEE
11 years 6 months ago
Exploiting Unix File-System Races via Algorithmic Complexity Attacks
We defeat two proposed Unix file-system race condition defense mechanisms. First, we attack the probabilistic defense mechanism of Tsafrir, et al., published at USENIX FAST 2008[...
Xiang Cai, Yuwei Gui, Rob Johnson
SP
2009
IEEE
130views Security Privacy» more  SP 2009»
11 years 6 months ago
Wirelessly Pickpocketing a Mifare Classic Card
The Mifare Classic is the most widely used contactless smartcard on the market. The stream cipher CRYPTO1 used by the Classic has recently been reverse engineered and serious atta...
Flavio D. Garcia, Peter van Rossum, Roel Verdult, ...
SP
2009
IEEE
106views Security Privacy» more  SP 2009»
11 years 6 months ago
Pretty-Bad-Proxy: An Overlooked Adversary in Browsers' HTTPS Deployments
– HTTPS is designed to provide secure web communications over insecure networks. The protocol itself has been rigorously designed and evaluated by assuming the network as an adve...
Shuo Chen, Ziqing Mao, Yi-Min Wang, Ming Zhang
SP
2009
IEEE
128views Security Privacy» more  SP 2009»
11 years 6 months ago
Fingerprinting Blank Paper Using Commodity Scanners
This paper presents a novel technique for authenticating physical documents based on random, naturally occurring imperfections in paper texture. We introduce a new method for meas...
William Clarkson, Tim Weyrich, Adam Finkelstein, N...
SP
2009
IEEE
123views Security Privacy» more  SP 2009»
11 years 6 months ago
DSybil: Optimal Sybil-Resistance for Recommendation Systems
Recommendation systems can be attacked in various ways, and the ultimate attack form is reached with a sybil attack, where the attacker creates a potentially unlimited number of s...
Haifeng Yu, Chenwei Shi, Michael Kaminsky, Phillip...
SP
2009
IEEE
155views Security Privacy» more  SP 2009»
11 years 6 months ago
A Logic of Secure Systems and its Application to Trusted Computing
We present a logic for reasoning about properties of secure systems. The logic is built around a concurrent programming language with constructs for modeling machines with shared ...
Anupam Datta, Jason Franklin, Deepak Garg, Dilsun ...
SP
2009
IEEE
262views Security Privacy» more  SP 2009»
11 years 6 months ago
Automatic Reverse Engineering of Malware Emulators
Malware authors have recently begun using emulation technology to obfuscate their code. They convert native malware binaries into bytecode programs written in a randomly generated...
Monirul I. Sharif, Andrea Lanzi, Jonathon T. Giffi...
SP
2009
IEEE
122views Security Privacy» more  SP 2009»
11 years 6 months ago
Plaintext Recovery Attacks against SSH
This paper presents a variety of plaintext-recovering attacks against SSH. We implemented a proof of concept of our attacks against OpenSSH, where we can verifiably recover 14 bi...
Martin R. Albrecht, Kenneth G. Paterson, Gaven J. ...
SP
2009
IEEE
129views Security Privacy» more  SP 2009»
11 years 6 months ago
CLAMP: Practical Prevention of Large-Scale Data Leaks
Providing online access to sensitive data makes web servers lucrative targets for attackers. A compromise of any of the web server’s scripts, applications, or operating system c...
Bryan Parno, Jonathan M. McCune, Dan Wendlandt, Da...
SP
2009
IEEE
144views Security Privacy» more  SP 2009»
11 years 6 months ago
Native Client: A Sandbox for Portable, Untrusted x86 Native Code
This paper describes the design, implementation and evaluation of Native Client, a sandbox for untrusted x86 native code. Native Client aims to give browser-based applications the...
Bennet Yee, David Sehr, Gregory Dardyk, J. Bradley...
books