Sciweavers

IEEEARES
2009
IEEE
13 years 10 months ago
Reducing the Cost of Session Key Establishment
Scenarios such as online banking, mobile payment systems, stock trading, selling merchandise, and a host of other applications that need a high level of security have moved from th...
Bezawada Bruhadeshwar, Kishore Kothapalli, Maddi S...
IEEEARES
2009
IEEE
13 years 10 months ago
Software Inspections Using Guided Checklists to Ensure Security Goals
Security is a crucial issue in many modern software systems and can lead to immense costs if required security goals are not fulfilled. Fewer techniques exist to address the syste...
Frank Elberzhager, Alexander Klaus, Marek Jawurek
IEEEARES
2009
IEEE
13 years 10 months ago
Quantitative Analysis of Secure Information Flow via Probabilistic Semantics
We present an automatic analyzer for measuring information flow within software systems. In this paper, we quantify leakage in terms of information theory and incorporate this comp...
Chunyan Mu, David Clark
IEEEARES
2009
IEEE
14 years 7 months ago
Investigating the Implications of Virtual Machine Introspection for Digital Forensics
— Researchers and practitioners in computer forensics currently must base their analysis on information that is either incomplete or produced by tools that may themselves be comp...
Kara L. Nance, Brian Hay, Matt Bishop
IEEEARES
2009
IEEE
14 years 7 months ago
Protecting Global and Static Variables from Buffer Overflow Attacks
Yves Younan, Frank Piessens, Wouter Joosen
IEEEARES
2009
IEEE
14 years 7 months ago
Identifying and Resolving Least Privilege Violations in Software Architectures
The implementation of security principles, like least privilege, in a software architecture is difficult, as no systematic rules on how to apply them in practice exist. As a resu...
Koen Buyens, Bart De Win, Wouter Joosen
IEEEARES
2009
IEEE
14 years 7 months ago
Identity-Based Hybrid Signcryption
—Signcryption is a cryptographic primitive that fulfills both the functions of digital signature and public key encryption simultaneously, at a cost significantly lower than th...
Fagen Li, Masaaki Shirase, Tsuyoshi Takagi
IEEEARES
2009
IEEE
14 years 7 months ago
Capturing Information Flow with Concatenated Dynamic Taint Analysis
Dynamic taint analysis (DTA) is a technique used for tracking information flow by propagating taint propagation across memory locations during program execution. Most implementat...
Hyung Chan Kim, Angelos D. Keromytis, Michael Covi...
IEEEARES
2009
IEEE
14 years 7 months ago
Defeating Dynamic Data Kernel Rootkit Attacks via VMM-Based Guest-Transparent Monitoring
—Targeting the operating system kernel, the core of trust in a system, kernel rootkits are able to compromise the entire system, placing it under malicious control, while eluding...
Junghwan Rhee, Ryan Riley, Dongyan Xu, Xuxian Jian...
IEEEARES
2009
IEEE
14 years 7 months ago
Algebraic Properties in Alice and Bob Notation
—Alice and Bob notation is a popular way to describe security protocols: it is intuitive, succinct, and yet expressive. Several formal protocol specification languages are based...
Sebastian Mödersheim