USS
2008
13 years 6 months ago
2008
This paper presents a new technique for exploiting heap overflows in JavaScript interpreters. Briefly, given a heap overflow, JavaScript commands can be used to insure that a func...
USS
2008
13 years 6 months ago
2008
In this paper we introduce the idea of model inference assisted fuzzing aimed to cost effectively improve software security. We experimented with several model inference technique...
USS
2008
13 years 6 months ago
2008
For most computer end
USS
2008
13 years 6 months ago
2008
Cross-site scripting (XSS) and SQL injection errors are two prominent examples of taint-based vulnerabilities that have been responsible for a large number of security breaches in...
USS
2008
13 years 6 months ago
2008
Web sites on the Internet often use redirection. Unfortunately, without additional security, many of the redirection links can be manipulated and abused to mask phishing attacks. ...
USS
2008
13 years 6 months ago
2008
This paper describes a resource access control system for federation of Emulab-based testbeds within the DETER federation architecture. The system is based on three levels of prin...
USS
2008
13 years 6 months ago
2008
There are several remaining open questions in the area of flow-based anomaly detection, e.g., how to do meaningful evaluations of anomaly detection mechanisms; how to get conclusi...
USS
2008
13 years 6 months ago
2008
A major class of network emulation testbeds is based on the Utah Emulab design: a local cluster of experimental nodes interconnected through Ethernet switches using VLANs. The VLA...
USS
2008
13 years 6 months ago
2008
Cyber security experiments with potentially malicious software can possibly damage the testbed environment and "escape" into the Internet. Due to this security concern, ...
USS
2008
13 years 6 months ago
2008
Testbed experiments are a challenge to manage manually, because they involve multiple machines and their correctness depends on the correct operation of testbed infrastructure tha...