
Trust Computing, Backed by the Intel Platform Trust Technology [chapter]

Xiaoyu Ruan
2014 Platform Embedded Security Technology Revealed  
This limits the scope of impact, even if vulnerability in hardware is found and exploited.  ...  The difficulty is due to equipment and skills required for finding and exploiting hardware vulnerabilities.  ... 
doi:10.1007/978-1-4302-6572-6_7 fatcat:ejhmh6eqezfz3djz5lycocpzky

Inputs of Coma: Static Detection of Denial-of-Service Vulnerabilities

Richard Chang, Guofei Jiang, Franjo Ivancic, Sriram Sankaranarayanan, Vitaly Shmatikov
2009 2009 22nd IEEE Computer Security Foundations Symposium  
As networked systems grow in complexity, they are increasingly vulnerable to denial-of-service (DoS) attacks involving resource exhaustion.  ...  These DoS attacks exploit the semantics of the target application, are rarely associated with network traffic anomalies, and are thus extremely difficult to detect using conventional methods.  ...  Detecting software defects that can be exploited to cause denial of service is a challenging task.  ... 
doi:10.1109/csf.2009.13 dblp:conf/csfw/ChangJISS09 fatcat:xyjzghrecna5jjryuhdgphrq4y

Evaluating the Vulnerability of Network Mechanisms to Sophisticated DDoS Attacks

U. Ben-Porat, A. Bremler-Barr, H. Levy
2008 IEEE INFOCOM 2008 - The 27th Conference on Computer Communications  
or even a total denial of service.  ...  The design of computer and communication systems has been based, for decades, on the fundamental assumption that the objective of all users is to improve their own performance.  ...  Complexity attack problems were described in many different algorithms, such as Hash [1], quicksort [10], regular expression matcher [11], intrusion detection systems [12], [7] and the Linux route-table  ... 
doi:10.1109/infocom.2008.298 dblp:conf/infocom/Ben-PoratBL08 fatcat:qqhd3sq6rvatrln4udowh6xvoy

Evaluating the Vulnerability of Network Mechanisms to Sophisticated DDoS Attacks

U. Ben-Porat, A. Bremler-Barr, H. Levy
2008 2008 Proceedings IEEE INFOCOM - The 27th Conference on Computer Communications  
or even a total denial of service.  ...  The design of computer and communication systems has been based, for decades, on the fundamental assumption that the objective of all users is to improve their own performance.  ...  Complexity attack problems were described in many different algorithms, such as Hash [1], quicksort [10], regular expression matcher [11], intrusion detection systems [12], [7] and the Linux route-table  ... 
doi:10.1109/infocom.2007.298 fatcat:zdbwodjeezdepc74kb6f4uw6ji

Improving security using extensible lightweight static analysis

D. Evans, D. Larochelle
2002 IEEE Software  
Most security attacks exploit instances of well-known classes of implementation flaws. Many of these flaws could be detected and eliminated before software is deployed.  ...  This paper describes an extensible tool that uses lightweight static analysis to detect common security vulnerabilities (including buffer overflows and format string vulnerabilities) and can be readily  ...  Failure to handle possible NULL return values can be exploited in denial of service attacks, and is often not detected in normal testing.  ... 
doi:10.1109/52.976940 fatcat:b6uozxksebgnnf5y3vqisr63hi

Static Analysis for Regular Expression Denial-of-Service Attacks [chapter]

James Kirrage, Asiri Rathnayake, Hayo Thielecke
2013 Lecture Notes in Computer Science  
Yet some widely deployed regular expression matchers based on backtracking are themselves vulnerable to denial-of-service attacks, since their runtime can be exponential for certain input strings.  ...  This paper presents a static analysis for detecting such vulnerable regular expressions.  ...  to a denial-of-service attack.  ... 
doi:10.1007/978-3-642-38631-2_11 fatcat:3ju7io6srvdhleebymgrhuhbb4

Static Analysis for Regular Expression Denial-of-Service Attacks [article]

James Kirrage, Asiri Rathnayake, Hayo Thielecke
2013 arXiv   pre-print
Yet some widely deployed regular expression matchers based on backtracking are themselves vulnerable to denial-of-service attacks, since their runtime can be exponential for certain input strings.  ...  This paper presents a static analysis for detecting such vulnerable regular expressions.  ...  to a denial-of-service attack.  ... 
arXiv:1301.0849v1 fatcat:git46jtlabh5xeiucc7h3ngu74

Processing Tweets for Cybersecurity Threat Awareness [article]

Fernando Alves, Aurélien Bettini, Pedro M. Ferreira, Alysson Bessani
2019 arXiv   pre-print
A qualitative evaluation of the IoCs generated by SYNAPSE demonstrates their relevance (based on the CVSS score and the availability of patches or exploits), and timeliness (based on threat disclosure  ...  Its tweet-processing pipeline is composed of filtering, feature extraction, binary classification, an innovative clustering strategy, and generation of Indicators of Compromise (IoCs).  ...  We thank André Correia for collecting and labelling the data set employed in this paper. This work was partially supported by the EC through funding of the  ... 
arXiv:1904.02072v1 fatcat:cvlhan5avrafddayhbtsy5fo5u

SHARKS: Smart Hacking Approaches for RisK Scanning in Internet-of-Things and Cyber-Physical Systems based on Machine Learning [article]

Tanujay Saha, Najwa Aaraj, Neel Ajjarapu, Niraj K. Jha
2021 arXiv   pre-print
on this ensemble of regular expressions to generate new attack vectors and security vulnerabilities.  ...  In this article, we present an innovative technique for detecting unknown system vulnerabilities, managing these vulnerabilities, and improving incident response when such vulnerabilities are exploited  ...  List of known IoT/CPS attacks Express attacks as regular expressions Vulnerability detection Exhaustively search attack DAG New attack vectors found?  ... 
arXiv:2101.02780v1 fatcat:6mqftspb7nbijbaupom3ernoqa

Vulnerability hierarchies in access control configurations

D. Richard Kuhn
2011 2011 4th Symposium on Configuration Analytics and Automation (SAFECONFIG)  
A taxonomy of rule structures is introduced and detection conditions computed for nine classes of vulnerability: added term, deleted term, replaced term, stuck-at-true condition, stuck-at-false condition  ...  Using these results, tests may be designed to detect configuration errors, and resulting vulnerabilities, using fewer tests than would be required without knowledge of the hierarchical relationship among  ...  Acknowledgments: I am grateful to Lee Badger, Vincent Hu, and the Safeconfig reviewers for many helpful recommendations.  ... 
doi:10.1109/safeconfig.2011.6111679 dblp:conf/safeconfig/Kuhn11 fatcat:d43psud7gnhzlcte5ndwj4wm6i

HotFuzz: Discovering Algorithmic Denial-of-Service Vulnerabilities Through Guided Micro-Fuzzing [article]

William Blair, Andrea Mambretti, Sajjad Arshad, Michael Weissbacher, William Robertson, Engin Kirda, Manuel Egele
2020 arXiv   pre-print
Meanwhile, Algorithmic Complexity (AC) vulnerabilities, which are a common attack vector for denial-of-service attacks, remain an understudied threat.  ...  We evaluate SRI's effectiveness by comparing the performance of micro-fuzzing with SRI, measured by the number of AC vulnerabilities detected, to simply using empty values as seed inputs.  ...  The views and conclusions contained herein are those of the authors and should not be interpreted as representing the official policies or endorsements, either expressed or implied, of any government agency  ... 
arXiv:2002.03416v1 fatcat:zb72iomeabdmjiig2yn5vdgsz4

Detection of Vulnerability Injection Point in Software Development Lifecycle for Effective Countermeasures

2020 International Journal of Engineering and Advanced Technology  
Our research focuses on Evolution of Vulnerabilities through the application development life cycle, and we have leveraged "Inverted Tree Structure/Attack Tree" and "Affinity Principles" to map the vulnerabilities  ...  This paper takes a deeper look at data breach, its causes and the linked vulnerability aspects in the application development lifecycle.  ...  This behavior can lead to denial-of-service when using the proxygen server to handle Hyper Text Transfer Protocol (HTTP2) requests.  ... 
doi:10.35940/ijeat.c6045.029320 fatcat:xijg6u3usjfwtdcq45wo4gl4e4

Generating Representative Attack Test Cases for Evaluating and Testing Wireless Intrusion Detection Systems

Khalid Nasr
2012 International journal of network security and its applications  
Openness of wireless communication medium and flexibility in dealing with wireless communication protocols and their vulnerabilities create a problem of poor security.  ...  WIDS monitors the radio spectrum and system activities and detects attacks leaked from the first line of defense.  ...  Denial-of-Service Denial-of-service goal can be achieved by hindering a targeted system from serving the legitimate users.  ... 
doi:10.5121/ijnsa.2012.4301 fatcat:kz6x5xo6g5agdkcqzswyy4gjcq

A defense-centric taxonomy based on attack manifestations

K.S. Killourhy, R.A. Maxion, K.M.C. Tan
2004 International Conference on Dependable Systems and Networks, 2004  
Defenders need a way of determining whether or not their detectors will detect a given attack.  ...  The defense-centric taxonomy is shown to be a more effective predictor of a detector's ability to detect specific attacks, hence informing a defender that a given detector is competent against an entire  ...  Acknowledgements The authors thank Michael Drew for his contributions to the attack programs and validations.  ... 
doi:10.1109/dsn.2004.1311881 dblp:conf/dsn/KillourhyMT04 fatcat:rzidumogr5dz3pozklvljze66y

Denial of Wallet – Defining a Looming Threat to Serverless Computing [article]

Daniel Kelly, Frank G. Glavin, Enda Barrett
2021 arXiv   pre-print
In this work, we define and identify the threat of Denial of Wallet and its potential attack patterns.  ...  Also, we demonstrate how this new form of attack can potentially circumvent existing mitigation systems developed for a similar style of attack, Denial of Service. Our goal is twofold.  ...  Two potential DoS attacks that could be re-purposed for DoW are: ReDoS - Regular expression Denial of Service (ReDoS) [10] is an algorithmic complexity attack that produces a DoS by providing a regular  ... 
arXiv:2104.08031v2 fatcat:qyv57orjnzfijgv2ope3tklnye