5,324 Hits in 4.6 sec

EVIL: Exploiting Software via Natural Language [article]

Pietro Liguori, Erfan Al-Hossami, Vittorio Orbinato, Roberto Natella, Samira Shaikh, Domenico Cotroneo, Bojan Cukic
2021 arXiv   pre-print
To make the task easier, we propose an approach (EVIL) to automatically generate exploits in assembly/Python language from descriptions in natural language.  ...  We present an extensive experimental study to evaluate the feasibility of EVIL, using both automatic and manual analysis, and both at generating individual statements and entire exploits.  ...  In this work, we propose an approach, EVIL (Exploiting software VIa natural Language), for exploit writing based on natural language processing.  ... 
arXiv:2109.00279v1 fatcat:jknu7gdckzf7ldz6hmpj75lcva

Evil twins

Jacob Gorm Hansen, Eske Christiansen, Eric Jul
2007 ACM SIGOPS Operating Systems Review  
In the second, a centralized pull model ("Evil Twin"), nodes may be running behind NATs or firewalls, and are controlled by a centralized web service.  ...  All necessary application software, including the operating system, is provided by the customer as a full virtual machine, and boot-strapped or migrated into the cluster.  ...  Because Evil Man uses Xen Virtual Machines rather than the lighter weight Linux VServers used in Planetlab OS, Evil Man is more flexible and more secure against kernel level security exploits, at the cost  ... 
doi:10.1145/1278901.1278906 fatcat:eevt47axhjbzjjpgvips6fmg7u

Sherlock holmes' evil twin

Gerald Friedland, Gregor Maier, Robin Sommer, Nicholas Weaver
2011 Proceedings of the 2011 workshop on New security paradigms workshop - NSPW '11  
We contend that adversaries can systematically exploit such relationships by correlating information from different sources in what we term global inference attacks: assembling a comprehensive understanding  ...  Consequently, researchers from different areas of computer science, including computer vision, speech processing, natural language processing, Semantic Web, and databases, invested significant effort into  ...  Among them, face recognition software identifies a guest recently arrested for a drug offense [31] .  ... 
doi:10.1145/2073276.2073287 dblp:conf/nspw/FriedlandMSW11 fatcat:xtzklviczvh2lbothmhoz25qr4

Beyond Good and Evil: Formalizing the Security Guarantees of Compartmentalizing Compilation [article]

Yannis Juglaret, Catalin Hritcu, Arthur Azevedo de Amorim, Boris Eng, Benjamin C. Pierce
2017 arXiv   pre-print
By breaking a large software system into mutually distrustful components that run with minimal privileges, restricting their interactions to conform to well-defined interfaces, we can limit the damage  ...  The connection to full abstraction allows us to prove SCC by adapting established proof techniques; we illustrate this with a compiler from a simple unsafe imperative language with procedures to a compartmentalized  ...  These devastating low-level attacks typically exploit memory-safety vulnerabilities such as buffer overflows, use-after-frees, or double frees, which are abundant in large software systems.  ... 
arXiv:1602.04503v6 fatcat:kpnuirmqefeqlp7hl65soaiiaa

See No Evil, Hear No Evil? Dissecting the Impact of Online Hacker Forums

Wei T. Yue, Qiu-Hong Wang, Kai-Lung Hui
2019 MIS Quarterly  
We find that discussion topics with similar keywords can variously increase or decrease DDOS attacks, meaning we cannot ascertain the impact of the discussion just by the post nature.  ...  Because all DDOS attacks target specific ports associated with different software applications, we connect the forum discussion to the DDOS attacks observed from 2007 to 2011 via the port numbers mentioned  ...  For example, prosecuting online transactions of dangerous exploits may keep the exploits from creating damage before security developers can find a solution (Stockton and Golabek-Goldman 2013).  ... 
doi:10.25300/misq/2019/13042 fatcat:7bf5axqdprdtzkwavo4cvsmfpe

Evil Offspring - Ransomware and Crypto Technology

Hilarie Orman
2016 IEEE Internet Computing  
We have learned a lot about computer science, language design, and software engineering since then.  ...  that drives our computing devices always has exploitable bugs.  ...  Software Engineer require Bachelor's or equiv. in Comp. Sc., IT, Engg (any) or related and 24 mos' relevant indus. exp. Sr. Solution Architect require Master's degree or equiv. in Comp.  ... 
doi:10.1109/mic.2016.90 fatcat:v5zmzx7qrba5dkqxweoo3ifvry

Jekyll on iOS: When Benign Apps Become Evil

Tielei Wang, Kangjie Lu, Long Lu, Simon P. Chung, Wenke Lee
2013 USENIX Security Symposium  
The key idea is to make the apps remotely exploitable and subsequently introduce malicious control flows by rearranging signed code.  ...  Jekyll app can successfully perform many malicious tasks, such as stealthily posting tweets, taking photos, stealing device identity information, sending email and SMS, attacking other apps, and even exploiting  ...  software updates.  ... 
dblp:conf/uss/WangLLCL13 fatcat:d7bbgrk3u5h4phjxkf4tmwcwtq

Automating NFC message sending for good and evil

Nikki Benecke Brandt, Mark Stamp
2014 Journal in Computer Virology and Hacking Techniques  
Automating NFC Message Sending for Good and Evil by Nikki Benecke Brandt Near Field Communication (NFC) is an emerging proximity wireless technology used for triggering automatic interactions between mobile  ...  So it is clear that performing automation via software on an Android phone has merit as an idea.  ...  Naturally, this is not a straightforward task. By default, is read-only. Applications cannot be copied to the directory either via the shell or by using adb push.  ... 
doi:10.1007/s11416-014-0223-x fatcat:whoturuuhjhyxktfkkqwpgu2yq

Interactivity is Evil! A critical investigation of Web 2.0

Kylie Jarrett
2008 First Monday  
Introduction The key feature of Web 2.0 is the development of software which enables mass participation in social activities.  ...  In the shift from the passive exploitation of the audience commodity to this active exploitation of the creative production of users, Coté and Pybus see the activation of biopower in which mobile and interconnected  ... 
doi:10.5210/fm.v13i3.2140 fatcat:222ammcw7ngylh7jpfhphwlqpm

Wi-Fi Network Testing Using an Integrated Evil-Twin Framework

Andre Esser, Carlos Serrao
2018 2018 Fifth International Conference on Internet of Things: Systems, Management and Security  
The developed framework is based on open-source software and is also available as opensource software, allowing developers to extend its functionality.  ...  Architecture ETF was entirely developed using the Python (version 2) programming language [13] .  ... 
doi:10.1109/iotsms.2018.8554388 dblp:conf/iotsms/EsserS18 fatcat:xz2m7pv3gvcqveuabbcskiopx4


Anam Shahid, Maria Sumbul
2017 PEOPLE International Journal of Social Sciences  
The paper highlights the ratio of UAE parents, who are aware of social evils and take measures to protect their children.  ...  The problem statement is that Social evils in the social media along with its excessive use has negative impact on the children"s health and development, moreover parents do agree to this fact, however  ...  nature.  ... 
doi:10.20319/pijss.2017.33.854875 fatcat:jepg5r4zfzggvcf6ao7isgolfa

Stop Being Evil: A Proposal for Unbiased Biased Search

Josh Hazan
2012 Social Science Research Network  
The unstructured nature of the internet makes this so.  ...  The technical language is not exact, as Google and Windows are very distinct types of programs.  ... 
doi:10.2139/ssrn.2042713 fatcat:i2i6yyvglzf5rklk73o4aslqt4

Global Sourcing of IT Services: Necessary Evil or Blessing in Disguise?

Jerry Cederlund, Robert J. Kauffman, Rajiv Kohli, M. Lynne Markus, Nigel Melville, Paul Pavlou
2007 Communications of the Association for Information Systems  
Debate #1: Global Sourcing of IT -Necessary Evil or Blessing in Disguise?  ...  Three shift and language groups were organized to interact with client employees (and vendors) in particular geographic regions. (In all, team members spoke twenty languages.)  ...  How important for work design is the choice of one software package or service over another?  ... 
doi:10.17705/1cais.01914 fatcat:q6cpfp5vynf3viwniqhnnfmcwm

Lexical and world knowledge: Theoretical and applied viewpoints [chapter]

John S. White
1992 Lecture Notes in Computer Science  
Three discussion points are addressed from two perspectives: that of an anthropological tradition in cognitive science, and that of application--oriented natural language processing.  ...  Thus the phenomenon was neutral with respect to the influence of language on perception/cognition. Natural Language Processing Methodologies.  ...  Tojolabal evil eye.  ... 
doi:10.1007/3-540-55801-2_34 fatcat:xfqv2malhvgv7intwgbko5gkeq

Evil Pickles: DoS Attacks Based on Object-Graph Engineering * A rt ifact * A EC

Jens Dietrich, Kamil Jezek, Shawn Rasheed, Amjed Tahir, Alex Potanin, Jens Dietrich, Kamil Jezek, Shawn Rasheed, Amjed Tahir, Alex Potanin
In recent years, multiple vulnerabilities exploiting the serialisation APIs of various programming languages, including Java, have been discovered.  ...  These vulnerabilities can be used to devise injection attacks, exploiting the presence of dynamic programming language features like reflection or dynamic proxies.  ...  This attack is similar in nature to the turtles vulnerability described above.  ... 
« Previous Showing results 1 — 15 out of 5,324 results