We propose STILL, a generic defense based on Static Taint and InitiaLization anaLyses, to detect exploit code embedded in data streams/requests targeting at various Internet servi...
In its most general form, an attack signature is a program that can correctly determine if an input network packet sequence can successfully attack a protected network application...
Main memory contains transient information for all resident applications. However, if memory chip contents survives power-off, e.g., via freezing DRAM chips, sensitive data such a...
William Enck, Kevin R. B. Butler, Thomas Richardso...
Users commonly download, patch, and use applications such as email clients, office applications, and media-players from the Internet. Such applications are run with the user’s ...
Many anti-phishing mechanisms currently focus on helping users verify whether a web site is genuine. However, usability studies have demonstrated that prevention-based approaches ...
Side channels are typically viewed as attacks that leak cryptographic keys during cryptographic algorithm processing, by observation of system side effects. In this paper, we pres...
Albert Tannous, Jonathan T. Trostle, Mohamed Hassa...
Secure provenance that records ownership and process history of data objects is vital to the success of data forensics in cloud computing, yet it is still a challenging issue toda...
User-to-tag authentication can prevent a variety of potential attacks on personal RFID tags. In this poster, a new RFID authentication scheme is presented that allows a user to co...