Search Results - "21st Annual Computer Security Applications Conference (ACSAC'05)"

Graphical passwords: a survey by Xiaoyuan Suo, Ying Zhu, Owen, G.S.

“…The most common computer authentication method is to use alphanumerical usernames and passwords. This method has been shown to have significant drawbacks. For…”
Get full text

Building a MAC-based security architecture for the Xen open-source hypervisor by Sailer, R., Jaeger, T., Valdez, E., Caceres, R., Perez, R., Berger, S., Griffin, J.L., van Doorn, L.

“…We present the sHype hypervisor security architecture and examine in detail its mandatory access control facilities. While existing hypervisor security…”
Get full text

Dynamic taint propagation for Java by Haldar, V., Chandra, D., Franz, M.

“…Improperly validated user input is the underlying root cause for a wide variety of attacks on Web-based applications. Static approaches for detecting this…”
Get full text

ScriptGen: an automated script generation tool for Honeyd by Leita, C., Mermoud, K., Dacier, M.

“…Honeyd (N. Provos, 2004) is a popular tool developed by Niels Provos that offers a simple way to emulate services offered by several machines on a single PC…”
Get full text

Intrusion detection in RBAC-administered databases by Bertino, E., Terzi, E., Kamra, A., Vakali, A.

“…A considerable effort has been recently devoted to the development of database management systems (DBMS) which guarantee high assurance security and privacy…”
Get full text

Understanding complex network attack graphs through clustered adjacency matrices by Noel, S., Jajodia, S.

“…We apply adjacency matrix clustering to network attack graphs for attack correlation, prediction, and hypothesizing. We self-multiply the clustered adjacency…”
Get full text

A host-based approach to network attack chaining analysis by Ammann, P., Pamula, J., Ritchey, R., Street, J.

“…The typical means by which an attacker breaks into a network is through a chain of exploits, where each exploit in the chain lays the groundwork for subsequent…”
Get full text

Looking back at the Bell-La Padula model by Bell, D.E.

“…The Bell-La Padula security model produced conceptual tools for the analysis and design of secure computer systems. Together with its sibling engineering…”
Get full text

Strengthening software self-checksumming via self-modifying code by Giffin, J.T., Christodorescu, M., Kruger, L.

“…Recent research has proposed self-checksumming as a method by which a program can detect any possibly malicious modification to its code. Wurster et al…”
Get full text

User-centered security: stepping up to the grand challenge by Zurko, M.E.

“…User-centered security has been identified as a grand challenge in information security and assurance. It is on the brink of becoming an established subdomain…”
Get full text

A Nitpicker's guide to a minimal-complexity secure GUI by Feske, N., Helmuth, C.

“…Malware such as Trojan horses and spyware remain to be persistent security threats that exploit the overly complex graphical user interfaces of today's…”
Get full text

The Pump: a decade of covert fun by Kang, M.H., Moskowitz, I.S., Chincheck, S.

“…This paper traces the ten plus year history of the Naval Research Laboratory's Pump idea. The Pump was theorized, designed, and built at the Naval Research…”
Get full text

Stealth breakpoints by Vasudevan, A., Yerraballi, R.

“…Microscopic analysis of malicious code (malware) requires the aid of a variety of powerful tools. Chief among them is a debugger that enables runtime binary…”
Get full text

Replay attack in TCG specification and solution by Bruschi, D., Cavallaro, L., Lanzi, A., Monga, M.

“…We prove the existence of a flaw which we individuated in the design of the object-independent authorization protocol (OIAP), which represents one of the…”
Get full text

Model checking an entire Linux distribution for security violations by Schwarz, B., Hao Chen, Wagner, D., Morrison, G., West, J., Lin, J., Wei Tu

“…Software model checking has become a popular tool for verifying programs' behavior. Recent results suggest that it is viable for finding and eradicating…”
Get full text

Building evidence graphs for network forensics analysis by Wei Wang, Daniels, T.E.

“…In this paper, we present techniques for a network forensics analysis mechanism that includes effective evidence presentation, manipulation and automated…”
Get full text

Survivability architecture of a mission critical system: the DPASA example by Chong, J., Pal, P., Atigetchi, M., Rubel, P., Webber, F.

“…Many techniques and mechanisms exist today, some COTS, others less mature research products that can be used to deflect, detect, or even recover from specific…”
Get full text

Automatic generation of buffer overflow attack signatures: an approach based on program behavior models by Zhenkai Liang, Sekar, R.

“…Buffer overflows have become the most common target for network-based attacks. They are also the primary mechanism used by worms and other forms of automated…”
Get full text

Privacy-preserving alert correlation: a concept hierarchy based approach by Dingbang Xu, Peng Ning

“…With the increasing security threats from infrastructure attacks such as worms and distributed denial of service attacks, it is clear that the cooperation…”
Get full text

TARP: ticket-based address resolution protocol by Lootah, W., Enck, W., McDaniel, P.

“…IP networks fundamentally rely on the address resolution protocol (ARP) for proper operation. Unfortunately, vulnerabilities in the ARP protocol enable a raft…”
Get full text