As new attacks against Windows-based machines emerge almost on a daily basis, there is an increasing need to “lock down” individual users’ desktop machines in corporate comp...
In healthcare, role-based access control systems are often extended with exception mechanisms to ensure access to needed informationeven when the needs don’t followthe expected ...
An Intrusion Detection System (IDS) is a crucial element of a network security posture. Although there are many IDS products available, it is rather difficult to find information ...
Address-space randomization (ASR) is a promising solution to defend against memory corruption attacks that have contributed to about three-quarters of USCERT advisories in the pas...
Comparing the system call sequence of a network application against a sandboxing policy is a popular approach to detecting control-hijacking attack, in which the attacker exploits...
This work introduces the A system1 , an Internetbased, free and open source electronic voting system which employs strong cryptography. Our system is a fully functiona...
Attack graphs are a valuable tool to network defenders, illustrating paths an attacker can use to gain access to a targeted network. Defenders can then focus their efforts on patc...
We propose an architecture of four complimentary technologies increasingly relevant to a growing number of home users and organizations: cryptography, separation kernels, formal v...
Instruction Set Randomization (ISR) has been proposed as a form of defense against binary code injection into an executing program. One proof-of-concept implementation is Randomiz...