Several new approaches for detecting malicious attacks on computer systems and/or confining untrusted or malicious applications have emerged over the past several years. These tec...
We describe a new technique for finding potential buffer overrun vulnerabilities in security-critical C code. The key to success is to use static analysis: we formulate detection...
David Wagner, Jeffrey S. Foster, Eric A. Brewer, A...
The distinguishing feature of a metasystem is middleware that facilitates viewing a collection of large, distributed, heterogeneous resources as a single virtual machine, where ea...
Marty Humphrey, Frederick Knabe, Adam Ferrari, And...
This paper describes automatic protocol generation (APG for short), a novel mechanism to generate security protocols automatically. With APG, the protocol designer inputs the spec...
We analyze an optimistic contract signing protocol of Asokan, Shoup, and Waidner as a case study in the applicability of formal methods to verification of fair exchange protocols...
Traditional Intrusion Detection Systems (IDSs) mostly work off-line, without any direct runtime interaction or coordination with the applications (and with other IDSs) that they a...
Joseph P. Loyall, Partha Pratim Pal, Richard E. Sc...
We propose a host architecture for secure IP multicast. We identify the basic components of the architecture, describe their functionalities and how they interact with one another...
Ran Canetti, Pau-Chen Cheng, Frederique Giraud, Di...
Abstract. Chameleon signatures simultaneously provide the properties of nonrepudiation and non-transferability for the signed message. However, the initial constructions of chamele...
The Border Gateway Protocol (BGP), which is used to distribute routing information between autonomous systems, is an important component of the Internet’s routing infrastructure...
Stephen T. Kent, Charles Lynn, Joanne Mikkelson, K...