Sciweavers

ACSAC
2004
IEEE
14 years 4 months ago
Designing Good Deceptions in Defense of Information Systems
Since attackers trust computer systems to tell them the truth, it may be effective for those systems to lie or mislead. This could waste the attacker's resources while permit...
Neil C. Rowe
ACSAC
2004
IEEE
14 years 4 months ago
A Dynamic Technique for Eliminating Buffer Overflow Vulnerabilities (and Other Memory Errors)
Buffer overflow vulnerabilities are caused by programming errors that allow an attacker to cause the program to write beyond the bounds of an allocated memory block to corrupt oth...
Martin C. Rinard, Cristian Cadar, Daniel Dumitran,...
ACSAC
2004
IEEE
14 years 4 months ago
Open-Source Applications of TCPA Hardware
How can Alice trust computation occurring at Bob's computer? Since it exists and is becoming ubiquitous, the current-generation TCPA/TCG hardware might enable a solution. Whe...
John Marchesini, Sean W. Smith, Omen Wild, Joshua ...
ACSAC
2004
IEEE
14 years 4 months ago
Attack Plan Recognition and Prediction Using Causal Networks
Correlating and analyzing security alerts is a critical and challenging task in security management. Recently, some techniques have been proposed for security alert correlation. H...
Xinzhou Qin, Wenke Lee
ACSAC
2004
IEEE
14 years 4 months ago
Tracing the Root of "Rootable" Processes
In most existing systems, the authorization check for system resource access is based on the user ID of the running processes. Such systems are vulnerable to password stealing/cra...
Amit Purohit, Vishnu Navda, Tzi-cker Chiueh
ACSAC
2004
IEEE
14 years 4 months ago
The Trustworthy Computing Security Development Lifecycle
This paper discusses the Trustworthy Computing Security Development Lifecycle (or simply the SDL), a process that Microsoft has adopted for the development of software that needs ...
Steven B. Lipner
ACSAC
2004
IEEE
14 years 4 months ago
Security Policies to Mitigate Insider Threat in the Document Control Domain
With rapid advances in online technologies, organizations are migrating from paper based resources to digital documents to achieve high responsiveness and ease of management. Thes...
Suranjan Pramanik, Vidyaraman Sankaranarayanan, Sh...
ACSAC
2004
IEEE
14 years 4 months ago
Securing Java RMI-Based Distributed Applications
Both Java RMI and Jini use a proxy-based architecture. In this architecture, a client interacts with a service through a proxy, which is code downloaded from a directory and insta...
Ninghui Li, John C. Mitchell, Derrick Tong
ACSAC
2004
IEEE
14 years 4 months ago
High-Fidelity Modeling of Computer Network Worms
modeling, such as using epidemic models, has been the general method of choice for understanding and analyzing the high-level effects of worms. However, high-fidelity models, such...
Kalyan S. Perumalla, Srikanth Sundaragopalan