Sciweavers

USS
2008
14 years 2 months ago
Exploitable Redirects on the Web: Identification, Prevalence, and Defense
Web sites on the Internet often use redirection. Unfortunately, without additional security, many of the redirection links can be manipulated and abused to mask phishing attacks. ...
Craig A. Shue, Andrew J. Kalafut, Minaxi Gupta
USS
2008
14 years 2 months ago
Access Control for Federation of Emulab-based Network Testbeds
This paper describes a resource access control system for federation of Emulab-based testbeds within the DETER federation architecture. The system is based on three levels of prin...
Ted Faber, John Wroclawski
USS
2008
14 years 2 months ago
FLAME: A Flow-Level Anomaly Modeling Engine
There are several remaining open questions in the area of flow-based anomaly detection, e.g., how to do meaningful evaluations of anomaly detection mechanisms; how to get conclusi...
Daniela Brauckhoff, Arno Wagner, Martin May
USS
2008
14 years 2 months ago
Experiment Isolation in a Secure Cluster Testbed
A major class of network emulation testbeds is based on the Utah Emulab design: a local cluster of experimental nodes interconnected through Ethernet switches using VLANs. The VLA...
Kevin Lahey, Robert Braden, Keith Sklower
USS
2008
14 years 2 months ago
V-NetLab: An Approach for Realizing Logically Isolated Networks for Security Experiments
Cyber security experiments with potentially malicious software can possibly damage the testbed environment and "escape" into the Internet. Due to this security concern, ...
Weiqing Sun, Varun Katta, Kumar Krishna, R. Sekar
USS
2008
14 years 2 months ago
Managing the Health of Security Experiments
Testbed experiments are a challenge to manage manually, because they involve multiple machines and their correctness depends on the correct operation of testbed infrastructure tha...
Jelena Mirkovic, Karen R. Sollins, John Wroclawski
USS
2008
14 years 2 months ago
Securing the Frisbee Multicast Disk Loader
Robert Ricci, Jonathon Duerig
USS
2008
14 years 2 months ago
Defeating Encrypted and Deniable File Systems: TrueCrypt v5.1a and the Case of the Tattling OS and Applications
We examine the security requirements for creating a Deniable File System (DFS), and the efficacy with which the TrueCrypt disk-encryption software meets those requirements. We fin...
Alexei Czeskis, David J. St. Hilaire, Karl Koscher...
USS
2008
14 years 2 months ago
Absence Makes the Heart Grow Fonder: New Directions for Implantable Medical Device Security
A fundamental tension exists between safety in the common case and security under adversarial conditions for wireless implantable medical devices. We propose a class of new, fail-...
Tamara Denning, Kevin Fu, Tadayoshi Kohno
USS
2008
14 years 2 months ago
Security Benchmarking using Partial Verification
Implementation-level vulnerabilities are a persistent threat to the security of computing systems. We propose using the results of partially-successful verification attempts to pl...
Thomas E. Hart, Marsha Chechik, David Lie