USENIX Association

Displaying 1-10 of 10 results

  • White Papers // Sep 2010

    Static Checking of Dynamically-Varying Security Policies in Database-Backed Applications

    The authors present a system for sound static checking of security policies for database-backed web applications. The tool checks a combination of access control and information flow policies, where the policies vary based on database contents. For instance, one or more database tables may represent an access control matrix, controlling...

    Provided By USENIX Association

  • White Papers // Jun 2010

    PrETP: Privacy-Preserving Electronic Toll Pricing

    Current Electronic Toll Pricing (ETP) implementations rely on on-board units sending fine-grained location data to the service provider. The authors present PrETP, a privacy-preserving ETP system in which on-board units can prove that they use genuine data and perform correct operations while disclosing the minimum amount of location data. PrETP...

    Provided By USENIX Association

  • White Papers // Jun 2010

    Adapting Software Fault Isolation to Contemporary CPU Architectures

    Software Fault Isolation (SFI) is an effective approach to sandboxing binary code of questionable provenance, an interesting use case for native plugins in a Web browser. The authors present software fault isolation schemes for ARM and x86-64 that provide control-flow and memory integrity with average performance overhead of under 5%...

    Provided By USENIX Association

  • White Papers // Jun 2009

    Effective and Efficient Malware Detection at the End Host

    Malware is one of the most serious security threats on the Internet today. In fact, most Internet problems such as spam e-mails and denial of service attacks have malware as their underlying cause. That is, computers that are compromised with malware are often networked together to form botnets, and many...

    Provided By USENIX Association

  • White Papers // Jun 2009

    Measurement and Classification of Humans and Bots in Internet Chat

    The abuse of chat services by automated programs, known as chat bots, poses a serious threat to Internet users. Chat bots target popular chat networks to distribute spam and malware. This paper, first conducts a series of measurements on a large commercial chat network. It measurements capture a total of...

    Provided By USENIX Association

  • White Papers // Jun 2009

    Physical-Layer Identification of RFID Devices

    In this paper, the authors per form the first comprehensive study of physical-layer identification of RFID transponders. They propose several techniques for the extraction of RFID physical-layer fingerprints. They show that RFID transponders can be accurately identified in a controlled environment based on stable fingerprints corresponding to their physical-layer properties....

    Provided By USENIX Association

  • White Papers // May 2009

    Unpacking Virtualization Obfuscators

    Nearly every malware sample is sheathed in an executable protection which must be removed before static analyzes can proceed. Existing research has studied automatically unpacking certain protections, but has not yet caught up with many modern techniques. Contrary to prior assumptions, protected programs do not always have the property that...

    Provided By USENIX Association

  • White Papers // Mar 2009

    Sora: High Performance Software Radio Using General Purpose Multi-Core Processors

    This paper presents Sora, a fully programmable software radio platform on commodity PC architectures. Sora combines the performance and fidelity of hardware SDR platforms with the programmability and flexibility of General-Purpose Processor (GPP) SDR platforms. Sora uses both hardware and software techniques to address the challenges of using PC architectures...

    Provided By USENIX Association

  • White Papers // Jan 2009

    DIADS: Addressing the "My-Problem-or-Yours" Syndrome With Integrated SAN and Database Diagnosis

    The authors present DIADS, an integrated DIAgnosis tool for Databases and Storage Area Networks (SANs). Existing diagnosis tools in this domain have a database-only or SAN-only focus. DIADS is a first-of-a-kind framework based on a careful integration of information from the database and SAN subsystems; and is not a simple...

    Provided By USENIX Association

  • White Papers // Aug 2008

    Building a More Secure Web Browser

    The modern Web browser has evolved from a relatively simple client application designed to display static data into a complex networked operating system tasked with managing many facets of online experience. Support for dynamic content, multimedia data, and third-party plug-ins greatly enriches the browsing experience at the cost of increased...

    Provided By USENIX Association

  • White Papers // Jun 2009

    Measurement and Classification of Humans and Bots in Internet Chat

    The abuse of chat services by automated programs, known as chat bots, poses a serious threat to Internet users. Chat bots target popular chat networks to distribute spam and malware. This paper, first conducts a series of measurements on a large commercial chat network. It measurements capture a total of...

    Provided By USENIX Association

  • White Papers // Jun 2009

    Effective and Efficient Malware Detection at the End Host

    Malware is one of the most serious security threats on the Internet today. In fact, most Internet problems such as spam e-mails and denial of service attacks have malware as their underlying cause. That is, computers that are compromised with malware are often networked together to form botnets, and many...

    Provided By USENIX Association

  • White Papers // Aug 2008

    Building a More Secure Web Browser

    The modern Web browser has evolved from a relatively simple client application designed to display static data into a complex networked operating system tasked with managing many facets of online experience. Support for dynamic content, multimedia data, and third-party plug-ins greatly enriches the browsing experience at the cost of increased...

    Provided By USENIX Association

  • White Papers // Jun 2010

    PrETP: Privacy-Preserving Electronic Toll Pricing

    Current Electronic Toll Pricing (ETP) implementations rely on on-board units sending fine-grained location data to the service provider. The authors present PrETP, a privacy-preserving ETP system in which on-board units can prove that they use genuine data and perform correct operations while disclosing the minimum amount of location data. PrETP...

    Provided By USENIX Association

  • White Papers // Jun 2010

    Adapting Software Fault Isolation to Contemporary CPU Architectures

    Software Fault Isolation (SFI) is an effective approach to sandboxing binary code of questionable provenance, an interesting use case for native plugins in a Web browser. The authors present software fault isolation schemes for ARM and x86-64 that provide control-flow and memory integrity with average performance overhead of under 5%...

    Provided By USENIX Association

  • White Papers // Sep 2010

    Static Checking of Dynamically-Varying Security Policies in Database-Backed Applications

    The authors present a system for sound static checking of security policies for database-backed web applications. The tool checks a combination of access control and information flow policies, where the policies vary based on database contents. For instance, one or more database tables may represent an access control matrix, controlling...

    Provided By USENIX Association

  • White Papers // Mar 2009

    Sora: High Performance Software Radio Using General Purpose Multi-Core Processors

    This paper presents Sora, a fully programmable software radio platform on commodity PC architectures. Sora combines the performance and fidelity of hardware SDR platforms with the programmability and flexibility of General-Purpose Processor (GPP) SDR platforms. Sora uses both hardware and software techniques to address the challenges of using PC architectures...

    Provided By USENIX Association

  • White Papers // Jun 2009

    Physical-Layer Identification of RFID Devices

    In this paper, the authors per form the first comprehensive study of physical-layer identification of RFID transponders. They propose several techniques for the extraction of RFID physical-layer fingerprints. They show that RFID transponders can be accurately identified in a controlled environment based on stable fingerprints corresponding to their physical-layer properties....

    Provided By USENIX Association

  • White Papers // May 2009

    Unpacking Virtualization Obfuscators

    Nearly every malware sample is sheathed in an executable protection which must be removed before static analyzes can proceed. Existing research has studied automatically unpacking certain protections, but has not yet caught up with many modern techniques. Contrary to prior assumptions, protected programs do not always have the property that...

    Provided By USENIX Association

  • White Papers // Jan 2009

    DIADS: Addressing the "My-Problem-or-Yours" Syndrome With Integrated SAN and Database Diagnosis

    The authors present DIADS, an integrated DIAgnosis tool for Databases and Storage Area Networks (SANs). Existing diagnosis tools in this domain have a database-only or SAN-only focus. DIADS is a first-of-a-kind framework based on a careful integration of information from the database and SAN subsystems; and is not a simple...

    Provided By USENIX Association