USEnet Live!

  • White Papers // Jan 2014

    Pushing Boulders Uphill: The Difficulty of Network Intrusion Recovery

    One of the most significant unsolved problems for network managers and system administrators is how to repair a network infrastructure after discovering evidence of an extensive compromise. The technical issues are compounded by a breathtaking variety of human factors. The authors present a study of three significant compromises of a...

    Provided By USEnet Live!

  • White Papers // Jan 2014

    EVA: A Framework for Network Analysis and Risk Assessment

    Evolutionary Vulnerability Analysis (EVA) is an attack graph tool that allows an administrator to assess and analyze a network in a variety of fashions. Unlike other attack graph tools which just focus on visualizing the network or recommending a set of patches to secure the network, EVA goes beyond these...

    Provided By USEnet Live!

  • White Papers // Jan 2014

    ConfiDNS: Leveraging Scale and History to Improve DNS Security

    The use of distributed computing to address performance and reliability problems in the Domain Name System (DNS) has recently received much research attention, and has spawned two widely-deployed distributed systems, CoDNS and CoDoNS. While cooperative DNS resolver systems, such as Co-DNS, have demonstrated improved reliability and performance over standard approaches,...

    Provided By USEnet Live!

  • White Papers // Mar 2013

    Chatty Tenants and the Cloud Network Sharing Problem

    The emerging ecosystem of cloud applications leads to significant inter-tenant communication across a datacenter's internal network. This poses new challenges for cloud network sharing. Richer inter-tenant traffic patterns make it hard to offer minimum bandwidth guarantees to tenants. Further, for communication between economically distinct entities, it is not clear whose...

    Provided By USEnet Live!

  • White Papers // Jan 2013

    Horus: Fine-Grained Encryption-Based Security for Large-Scale Storage

    With the growing use of large-scale distributed systems, the likelihood that at least one node is compromised is increasing. Large-scale systems that process sensitive data such as geographic data with defense implications, drug modeling, nuclear explosion modeling, and private genomic data would benefit greatly from strong security for their storage....

    Provided By USEnet Live!

  • White Papers // Jun 2012

    Towards a Framework for Evaluating BGP Security

    Security and performance evaluation of Internet protocols can be greatly aided by emulation in realistic deployment scenarios. The authors describe their implementation of such methods which uses high-level abstractions to bring simplicity into a virtualized test-lab. They argue that current test-labs have not adequately captured those challenges, partly because their...

    Provided By USEnet Live!

  • White Papers // Jun 2012

    Body Area Network Security: Robust Key Establishment Using Human Body Channel

    In order for two sensors within a body area network to determine they are on the same body, e.g., for security purposes, extensive prior work considers the use of physiological values. The authors study the practicality of using body physiological values for securely exchanging messages for sharing keys. Due to...

    Provided By USEnet Live!

  • White Papers // Jun 2012

    Enhanced Operating System Security Through Efficient and Fine-Grained Address Space Randomization

    In recent years, the deployment of many application level countermeasures against memory errors and the increasing number of vulnerabilities discovered in the kernel has fostered a renewed interest in kernel-level exploitation. Unfortunately, no comprehensive and well established mechanism exists to protect the operating system from arbitrary attacks, due to the...

    Provided By USEnet Live!

  • White Papers // Jun 2012

    Chimera: A Declarative Language for Streaming Network Traffic Analysis

    Intrusion detection systems play a vital role in network security. Central to these systems is the language used to express policies. Ideally, this language should be powerful, implementation-agnostic, and cross-platform. Unfortunately, today's popular intrusion detection systems fall short of this ideal. Each has its own policy language in which expressing...

    Provided By USEnet Live!

  • White Papers // Jun 2012

    New Attacks on Timing-based Network Flow Watermarks

    A network flow watermarking scheme attempts to manipulate the statistical properties of a flow of packets to insert a "Mark" making it easier to detect the flow after passing through one or more relay hosts. Because an attacker that is willing to tolerate delay can (nearly) always eliminate such marks,...

    Provided By USEnet Live!

  • White Papers // Jun 2012

    An Evaluation of the Google Chrome Extension Security Architecture

    Vulnerabilities in browser extensions put users at risk by providing a way for website and network attackers to gain access to users' private data and credentials. Extensions can also introduce vulnerabilities into the websites that they modify. In 2009, Google Chrome introduced a new extension platform with several features intended...

    Provided By USEnet Live!

  • White Papers // Mar 2012

    Classification of UDP Traffic for DDoS Detection

    UDP traffic has recently been used extensively in flooding-based Distributed Denial of Service (DDoS) attacks, most notably by those launched by the Anonymous group. Despite extensive past research in the general area of DDoS detection/prevention, the industry still lacks effective tools to deal with DDoS attacks leveraging UDP traffic. In...

    Provided By USEnet Live!

  • White Papers // Sep 2011

    Using Active Intrusion Detection to Recover Network Trust

    Most existing Intrusion Detection Systems (IDS) take a passive approach to observing attacks or noticing exploits. The authors suggest that Active Intrusion Detection (AID) techniques provide value, particularly in scenarios where an administrator attempts to recover a network infrastructure from a compromise. In such cases, an attacker may have corrupted...

    Provided By USEnet Live!

  • White Papers // Sep 2011

    Local System Security via SSHD Instrumentation

    The adoption of SSH as the de facto protocol for interactive shell access has proven to be extremely successful in terms of avoiding shared media credential theft and man-in-the-middle attacks. In this paper, the authors describe a method for near real-time identification of attack behavior and local security...

    Provided By USEnet Live!

  • White Papers // Sep 2011

    Tiqr: A Novel Take on Two-factor Authentication

    Authentication is of paramount importance for all modern networked applications. The username/password paradigm is ubiquitous. This paradigm suffices for many applications that require a relatively low level of assurance about the identity of the end user, but it quickly breaks down when a stronger assertion of the user's identity is...

    Provided By USEnet Live!

  • White Papers // Jul 2011

    Towards Client-Side HTML Security Policies

    With the proliferation of content-rich web applications, content injection has become an increasing problem. Cross-site scripting is the most prominent example of this. Many systems have been designed to mitigate content injection and cross-site scripting. Notable examples are BEEP, BLUEPRINT, and content security policy, which can be...

    Provided By USEnet Live!

  • White Papers // Jun 2011

    Security Fusion: A New Security Architecture for Resource-Constrained Environments

    There is a huge demand for wireless sensors and RFID tags for remote surveillance and tracking. However, in order for such technologies to gain wide acceptance in industry, there needs to be strong security integrated into them. Traditional cryptographic schemes are infeasible due to hardware, computation, and power constraints. To...

    Provided By USEnet Live!

  • White Papers // Jun 2011

    Secure In-Band Wireless Pairing

    In this paper, the authors present the first wireless pairing protocol that works in-band, with no pre-shared keys, and protects against MITM attacks. The main innovation is a new key exchange message constructed in a manner that ensures an adversary can neither hide the fact that a message was transmitted,...

    Provided By USEnet Live!

  • White Papers // Jun 2011

    Toward Secure Embedded Web Interfaces

    The authors address the challenge of building secure embedded web interfaces by proposing WebDroid: the first framework specifically dedicated to this purpose. Their design extends the Android Framework, and enables developers to easily create secure web interfaces for their applications. To motivate their work, they perform an in-depth study of...

    Provided By USEnet Live!

  • White Papers // Mar 2011

    The Nuts and Bolts of a Forum Spam Automator

    Web boards, blogs, wikis, and guestbooks are forums frequented and contributed to by many Web users. Unfortunately, the utility of these forums is being diminished due to spamming, where miscreants post messages and links not intended to contribute to forums, but to advertise their websites. Many such links are malicious....

    Provided By USEnet Live!

  • White Papers // Mar 2011

    Towards Automated Identification of Security Zone Classification in Enterprise Networks

    Knowledge of the security zone classification of devices in an enterprise Information Technology (IT) infrastructure is essential in many enterprise IT transformation and optimization activities. The authors describe a systematic and semi-automated approach for discovering the security zone classification of devices in an enterprise network. For reduced interference with normal...

    Provided By USEnet Live!

  • White Papers // Jul 2010

    The Blunderdome: An Offensive Exercise for Building Network, Systems, and Web Security Awareness

    In spite of the controversy surrounding the practice of using offensive computer security exercises in information assurance curricula, it holds significant educational value. An exercise and architecture for an asymmetric (offense-only) security project, nicknamed "Blunderdome", has been deployed twice at the University of Tulsa: once to graduate students in a...

    Provided By USEnet Live!

  • White Papers // Jul 2010

    Visual Security Policy for the Web

    Many web security vulnerabilities allow parts of a page to interact when they should be isolated. Such vulnerabilities can be mitigated by implementing protection boundaries between web page elements. Several methods exist for creating such boundaries, but existing methods require relatively sophisticated knowledge of web technologies. To make protection mechanisms...

    Provided By USEnet Live!

  • White Papers // Jun 2010

    Collaborative Intrusion Detection Framework: Characteristics, Adversarial Opportunities and Countermeasures

    Complex Internet attacks may come from multiple sources, and target multiple networks and technologies. Nevertheless, Collaborative Intrusion Detection Systems (CIDS) emerge as a promising solution by using information from multiple sources to gain a better understanding of the objective and impact of complex Internet attacks. CIDS also help to cope with...

    Provided By USEnet Live!

  • White Papers // Apr 2010

    Detection of Spam Hosts and Spam Bots Using Network Flow Traffic Modeling

    In this paper, the authors present an approach for detecting e-mail spam originating hosts, spam bots and their respective controllers based on network flow data and DNS metadata. Their approach consists of first establishing SMTP traffic models of legitimate vs. spammer SMTP clients and then classifying unknown SMTP clients with...

    Provided By USEnet Live!

  • White Papers // Aug 2009

    An SSH-Based Toolkit for User-Based Network Services

    Network authentication, even when using libraries intended to simplify the task, is inordinately difficult. Separate libraries are used for cryptography, network authentication protocols, accessing stored authentication information, and verifying the identity of remote entities. In addition, the service used must be authorized. Finally, privilege separation is needed to separate security sensitive,...

    Provided By USEnet Live!

  • White Papers // Jul 2008

    Experiment Isolation in a Secure Cluster Testbed

    A major class of network emulation testbeds is based on the Utah Emulab design: a local cluster of experimental nodes interconnected through Ethernet switches using VLANs. The VLANs are configured dynamically to create multiple concurrent experimental topologies. This cluster architecture allows deterministic testbed operation and therefore repeatable experiments. This paper...

    Provided By USEnet Live!

  • White Papers // Jul 2008

    Research Challenges for the Security of Control Systems

    The authors have presented the current status of the field of secure control. They identified some unique properties that these systems have in comparison to traditional IT systems and proposed some new research challenges based on the physical models of the process being controlled. Their research challenges are mostly unsolved...

    Provided By USEnet Live!

  • White Papers // Jul 2008

    Towards Quantification of Network-Based Information Leaks via HTTP

    As the internet grows and network bandwidth continues to increase, administrators are faced with the task of keeping confidential information from leaving their networks. Today's network traffic is so voluminous that manual inspection would be unreasonably expensive. In response, researchers have created data loss prevention systems that check outgoing traffic...

    Provided By USEnet Live!

  • White Papers // Mar 2008

    Biometric Daemons: Authentication Via Electronic Pets

    A well-known security and identification problem involves the creation of secure but usable identification and authentication tools that the user is fully motivated to adopt. The authors describe an innovative solution to this problem: the biometric daemon, which takes its inspiration from two sources. It is firstly conceived as a...

    Provided By USEnet Live!

  • White Papers // Jan 2008

    BPLRU: A Buffer Management Scheme for Improving Random Writes in Flash Storage

    Flash memory has become the most important storage media in mobile devices, and is beginning to replace hard disks in desktop systems. However, its relatively poor random write performance may cause problems in the desktop environment, which has much more complicated requirements than mobile devices. While a RAM buffer has...

    Provided By USEnet Live!

  • White Papers // Jul 2007

    Securing Network Input via a Trusted Input Proxy

    The increasing popularity of online transactions involving sensitive personal data, such as bank account and social security numbers, has created a huge security problem for today's computer users. Malicious software (malware) that steals passwords and other critical user input has led to countless cases of identity theft and financial fraud....

    Provided By USEnet Live!

  • White Papers // Jul 2007

    A Hypervisor Based Security Testbed

    The authors are developing an experimental testbed intended to help support security research. The testbed allows a network of unmodified hosts to be subjected to security attacks in a controlled, observable, and reproducible manner using hypervisor technology. The two most notable characteristics of their testbed are the use of a...

    Provided By USEnet Live!

  • White Papers // Jul 2007

    SEER: A Security Experimentation EnviRonment for DETER

    Configuring a security experiment can be tedious, involving many low level and repetitive configuration tasks. In order to make DETER's capabilities accessible to users at all skill levels, the authors have designed and implemented a Security Experimentation EnviRonment (SEER) that provides security researchers the ability to create, plan, and iterate...

    Provided By USEnet Live!

  • White Papers // Jun 2007

    An Authentication and Ballot Layout Attack Against an Optical Scan Voting Terminal

    Recently, two e-voting technologies have been introduced and used extensively in election procedures: Direct Recording Electronic (DRE) systems and optical scanners. The latter are typically deemed safer as many recent security reports have discovered substantial vulnerabilities in a variety of DRE systems. In this paper, the authors present an attack...

    Provided By USEnet Live!

  • White Papers // Apr 2007

    AS-Based Accountability as a Cost-Effective DDoS Defense

    Defenses against botnet-based Distributed Denial-of-Service (DDoS) attacks must demonstrate that in addition to being technically feasible, they are also economically viable, particularly when compared with the two most widely deployed defenses - simple massive over provisioning of resources to absorb and handle DDoS traffic, and "Scrubbing" of incoming traffic by...

    Provided By USEnet Live!

  • White Papers // Apr 2007

    A Case Study of the Rustock Rootkit and Spam Bot

    In this paper, the authors presented the steps leading up to the extraction of the spam bot payload found within a backdoor rootkit known as Backdoor.Rustock.B or Spam-Mailbot.c. Following the extraction of the spam module they focus their analysis on the steps necessary to decrypt the communications between the command...

    Provided By USEnet Live!

  • White Papers // Nov 2006

    Firewall Analysis with Policy-Based Host Classification

    For administrators of large systems, testing and debugging a firewall policy is a difficult process. The size and complexity of many firewall policies make manual inspection of the rule set tedious and error-prone. The complex interaction of conflicting rules can conceal serious errors that compromise the security of the network...

    Provided By USEnet Live!

  • White Papers // Nov 2006

    A Forensic Analysis of a Distributed Two-Stage Web-Based Spam Attack

    Open mail relays have long been vilified as one of the key vectors for spam, and today - thanks to education and the blocking efforts of Open Relay DataBases (ORDBs) - relatively few open relays remain to serve spammers. Yet a critical and widespread vulnerability remains in an as-yet unaddressed...

    Provided By USEnet Live!

  • White Papers // Aug 2006

    Sensor Network Security: More Interesting Than You Think

    With the advent of low-power wireless sensor networks, a wealth of new applications at the interface of the real and digital worlds is emerging. A distributed computing platform that can measure properties of the real world, formulate intelligent inferences, and instrument responses, requires strong foundations in distributed computing, artificial intelligence,...

    Provided By USEnet Live!

  • White Papers // Jun 2006

    Efficient and Secure Source Authentication with Packet Passports

    A key challenge in combating Denial of Service (DoS) attacks is to reliably identify attack sources from packet contents. If a source can be reliably identified, routers can stop an attack by filtering packets from the attack sources without causing collateral damage to legitimate traffic. This task is difficult because...

    Provided By USEnet Live!

  • White Papers // Apr 2007

    AS-Based Accountability as a Cost-Effective DDoS Defense

    Defenses against botnet-based Distributed Denial-of-Service (DDoS) attacks must demonstrate that in addition to being technically feasible, they are also economically viable, particularly when compared with the two most widely deployed defenses - simple massive over provisioning of resources to absorb and handle DDoS traffic, and \"Scrubbing\" of incoming traffic by...

    Provided By USEnet Live!

  • White Papers // Nov 2006

    Firewall Analysis with Policy-Based Host Classification

    For administrators of large systems, testing and debugging a firewall policy is a difficult process. The size and complexity of many firewall policies make manual inspection of the rule set tedious and error-prone. The complex interaction of conflicting rules can conceal serious errors that compromise the security of the network...

    Provided By USEnet Live!

  • White Papers // Aug 2006

    Sensor Network Security: More Interesting Than You Think

    With the advent of low-power wireless sensor networks, a wealth of new applications at the interface of the real and digital worlds is emerging. A distributed computing platform that can measure properties of the real world, formulate intelligent inferences, and instrument responses, requires strong foundations in distributed computing, artificial intelligence,...

    Provided By USEnet Live!

  • White Papers // Jul 2008

    Research Challenges for the Security of Control Systems

    The authors have presented the current status of the field of secure control. They identified some unique properties that these systems have in comparison to traditional IT systems and proposed some new research challenges based on the physical models of the process being controlled. Their research challenges are mostly unsolved...

    Provided By USEnet Live!

  • White Papers // Jun 2012

    Body Area Network Security: Robust Key Establishment Using Human Body Channel

    In order for two sensors within a body area network to determine they are on the same body, e.g., for security purposes, extensive prior work considers the use of physiological values. The authors study the practicality of using body physiological values for securely exchanging messages for sharing keys. Due to...

    Provided By USEnet Live!

  • White Papers // Jul 2007

    SEER: A Security Experimentation EnviRonment for DETER

    Configuring a security experiment can be tedious, involving many low level and repetitive configuration tasks. In order to make DETER's capabilities accessible to users at all skill levels, the authors have designed and implemented a Security Experimentation EnviRonment (SEER) that provides security researchers the ability to create, plan, and iterate...

    Provided By USEnet Live!

  • White Papers // Jun 2012

    An Evaluation of the Google Chrome Extension Security Architecture

    Vulnerabilities in browser extensions put users at risk by providing a way for website and network attackers to gain access to users' private data and credentials. Extensions can also introduce vulnerabilities into the websites that they modify. In 2009, Google Chrome introduced a new extension platform with several features intended...

    Provided By USEnet Live!

  • White Papers // Jul 2010

    The Blunderdome: An Offensive Exercise for Building Network, Systems, and Web Security Awareness

    In spite of the controversy surrounding the practice of using offensive computer security exercises in information assurance curricula, it holds significant educational value. An exercise and architecture for an asymmetric (offense-only) security project, nicknamed \"Blunderdome\", has been deployed twice at the University of Tulsa: once to graduate students in a...

    Provided By USEnet Live!

  • White Papers // Mar 2011

    Towards Automated Identification of Security Zone Classification in Enterprise Networks

    Knowledge of the security zone classification of devices in an enterprise Information Technology (IT) infrastructure is essential in many enterprise IT transformation and optimization activities. The authors describe a systematic and semi-automated approach for discovering the security zone classification of devices in an enterprise network. For reduced interference with normal...

    Provided By USEnet Live!

  • White Papers // Jun 2012

    Chimera: A Declarative Language for Streaming Network Traffic Analysis

    Intrusion detection systems play a vital role in network security. Central to these systems is the language used to express policies. Ideally, this language should be powerful, implementation-agnostic, and cross-platform. Unfortunately, today's popular intrusion detection systems fall short of this paper. Each has their own policy language in which expressing...

    Provided By USEnet Live!

  • White Papers // Jul 2008

    Towards Quantification of Network-Based Information Leaks via HTTP

    As the internet grows and network bandwidth continues to increase, administrators are faced with the task of keeping confidential information from leaving their networks. Today's network traffic is so voluminous that manual inspection would be unreasonably expensive. In response, researchers have created data loss prevention systems that check outgoing traffic...

    Provided By USEnet Live!

  • White Papers // Jun 2011

    Secure In-Band Wireless Pairing

    In this paper, the authors present the first wireless pairing protocol that works in-band, with no pre-shared keys, and protects against MITM attacks. The main innovation is a new key exchange message constructed in a manner that ensures an adversary can neither hide the fact that a message was transmitted,...

    Provided By USEnet Live!

  • White Papers // Jul 2007

    A Hypervisor Based Security Testbed

    The authors are developing an experimental testbed intended to help support security research. The testbed allows a network of unmodified hosts to be subjected to security attacks in a controlled, observable, and reproducible manner using hypervisor technology. The two most notable characteristics of their testbed are the use of a...

    Provided By USEnet Live!

  • White Papers // Jan 2014

    EVA: A Framework for Network Analysis and Risk Assessment

    Evolutionary Vulnerability Analysis (EVA) is an attack graph tool that allows an administrator to assess and analyze a network in a variety of fashions. Unlike other attack graph tools which just focus on visualizing the network or recommending a set of patches to secure the network, EVA goes beyond these...

    Provided By USEnet Live!

  • White Papers // Jun 2011

    Security Fusion: A New Security Architecture for Resource-Constrained Environments

    There is a huge demand for wireless sensors and RFID tags for remote surveillance and tracking. However, in order for such technologies to gain wide acceptance in industry, there needs to be strong security integrated into them. Traditional cryptographic schemes are infeasible due to hardware, computation, and power constraints. To...

    Provided By USEnet Live!

  • White Papers // Jul 2007

    Securing Network Input via a Trusted Input Proxy

    The increasing popularity of online transactions involving sensitive personal data, such as bank account and social security numbers, has created a huge security problem for today's computer users. Malicious software (malware) that steals passwords and other critical user input has led to countless cases of identity theft and financial fraud....

    Provided By USEnet Live!

  • White Papers // Jun 2011

    Toward Secure Embedded Web Interfaces

    The authors address the challenge of building secure embedded web interfaces by proposing WebDroid: the first framework specifically dedicated to this purpose. Their design extends the Android Framework, and enables developers to create easily secure web interfaces for their applications. To motivate their work, they perform an in-depth study of...

    Provided By USEnet Live!

  • White Papers // Jun 2012

    Enhanced Operating System Security Through Efficient and Fine-Grained Address Space Randomization

    In recent years, the deployment of many application level countermeasures against memory errors and the increasing number of vulnerabilities discovered in the kernel has fostered a renewed interest in kernel-level exploitation. Unfortunately, no comprehensive and well established mechanism exists to protect the operating system from arbitrary attacks, due to the...

    Provided By USEnet Live!

  • White Papers // Jun 2012

    New Attacks on Timing-based Network Flow Watermarks

    A network flow watermarking scheme attempts to manipulate the statistical properties of a flow of packets to insert a \"Mark\" making it easier to detect the flow after passing through one or more relay hosts. Because an attacker that is willing to tolerate delay can (nearly) always eliminate such marks,...

    Provided By USEnet Live!

  • White Papers // Sep 2011

    Local System Security via SSHD Instrumentation

    The adoption of SSH as the defacto protocol for interactive shell access has proven to be extremely successful in terms of avoiding shared media credential theft and man in the middle attacks. In this paper, the authors describe a method for near real-time identification of attack behavior and local security...

    Provided By USEnet Live!

  • White Papers // Jan 2014

    ConfiDNS: Leveraging Scale and History to Improve DNS Security

    The use of distributed computing to address performance and reliability problems in the Domain Name System (DNS) has recently received much research attention, and has spawned two widely-deployed distributed systems, CoDNS and CoDoNS. While cooperative DNS resolver systems, such as Co-DNS, have demonstrated improved reliability and performance over standard approaches,...

    Provided By USEnet Live!

  • White Papers // Jul 2010

    Visual Security Policy for the Web

    Many web security vulnerabilities allow parts of a page to interact when they should be isolated. Such vulnerabilities can be mitigated by implementing protection boundaries between web page elements. Several methods exist for creating such boundaries, but existing methods require relatively sophisticated knowledge of web technologies. To make protection mechanisms...

    Provided By USEnet Live!

  • White Papers // Jan 2013

    Horus: Fine-Grained Encryption-Based Security for Large-Scale Storage

    With the growing use of large-scale distributed systems, the likelihood that at least one node is compromised is increasing. Large-scale systems that process sensitive data such as geographic data with defense implications, drug modeling, nuclear explosion modeling, and private genomic data would benefit greatly from strong security for their storage....

    Provided By USEnet Live!

  • White Papers // Jun 2012

    Towards a Framework for Evaluating BGP Security

    Security and performance evaluation of Internet protocols can be greatly aided by emulation in realistic deployment scenarios. The authors describe their implementation of such methods which uses high-level abstractions to bring simplicity into a virtualized test-lab. They argue that current test-labs have not adequately captured those challenges, partly because their...

    Provided By USEnet Live!

  • White Papers // Jul 2011

    Towards Client-Side HTML Security Policies

    With the proliferation of content-rich web applications, content injection has become an increasing problem. Cross-site scripting is the most prominent example of this. Many systems have been designed to mitigate content injection and cross-site scripting. Notable examples are BEEP, BLUEPRINT, and content security policy, which can be...

    Provided By USEnet Live!

  • White Papers // Jul 2008

    Experiment Isolation in a Secure Cluster Testbed

    A major class of network emulation testbeds is based on the Utah Emulab design: a local cluster of experimental nodes interconnected through Ethernet switches using VLANs. The VLANs are configured dynamically to create multiple concurrent experimental topologies. This cluster architecture allows deterministic testbed operation and therefore repeatable experiments. This paper...

    Provided By USEnet Live!

  • White Papers // Apr 2007

    A Case Study of the Rustock Rootkit and Spam Bot

    In this paper, the authors presented the steps leading up to the extraction of the spam bot payload found within a backdoor rootkit known as Backdoor.Rustock.B or Spam-Mailbot.c. Following the extraction of the spam module they focus their analysis on the steps necessary to decrypt the communications between the command...

    Provided By USEnet Live!

  • White Papers // Mar 2011

    The Nuts and Bolts of a Forum Spam Automator

    Web boards, blogs, wikis, and guestbooks are forums frequented and contributed to by many Web users. Unfortunately, the utility of these forums is being diminished due to spamming, where miscreants post messages and links not intended to contribute to forums, but to advertise their websites. Many such links are malicious....

    Provided By USEnet Live!

  • White Papers // Nov 2006

    A Forensic Analysis of a Distributed Two-Stage Web-Based Spam Attack

    Open mail relays have long been vilified as one of the key vectors for spam, and today - thanks to education and the blocking efforts of Open Relay DataBases (ORDBs) - relatively few open relays remain to serve spammers. Yet a critical and widespread vulnerability remains in an as-yet unaddressed...

    Provided By USEnet Live!

  • White Papers // Apr 2010

    Detection of Spam Hosts and Spam Bots Using Network Flow Traffic Modeling

    In this paper, the authors present an approach for detecting e-mail spam originating hosts, spam bots and their respective controllers based on network flow data and DNS metadata. Their approach consists of first establishing SMTP traffic models of legitimate vs. spammer SMTP clients and then classifying unknown SMTP clients with...

    Provided By USEnet Live!

  • White Papers // Jan 2008

    BPLRU: A Buffer Management Scheme for Improving Random Writes in Flash Storage

    Flash memory has become the most important storage media in mobile devices, and is beginning to replace hard disks in desktop systems. However, its relatively poor random write performance may cause problems in the desktop environment, which has much more complicated requirements than mobile devices. While a RAM buffer has...

    Provided By USEnet Live!

  • White Papers // Mar 2013

    Chatty Tenants and the Cloud Network Sharing Problem

    The emerging ecosystem of cloud applications leads to significant inter-tenant communication across a datacenter's internal network. This poses new challenges for cloud network sharing. Richer inter-tenant traffic patterns make it hard to offer minimum bandwidth guarantees to tenants. Further, for communication between economically distinct entities, it is not clear whose...

    Provided By USEnet Live!

  • White Papers // Mar 2008

    Biometric Daemons: Authentication Via Electronic Pets

    A well-known security and identification problem involves the creation of secure but usable identification and authentication tools that the user is fully motivated to adopt. The authors describe an innovative solution to this problem: the biometric daemon, which takes its inspiration from two sources. It is firstly conceived as a...

    Provided By USEnet Live!

  • White Papers // Jun 2006

    Biometric Authentication Revisited: Understanding the Impact of Wolves in Sheep's Clothing

    Biometric security is a topic of rapidly growing importance, especially as it applies to user authentication and key generation. In this paper, the authors describe their initial steps towards developing evaluation methodologies for behavioral biometrics that take into account threat models which have largely been ignored. They argue that the...

    Provided By USEnet Live!