Now showing items 1-6 of 6
Symbolic Execution for (Almost) Free: Hijacking an Existing Implementation to Perform Symbolic Execution
Symbolic execution of a language is traditionally achieved by replacing the language s interpreter with an entirely new interpreter. This may be an unnecessary burden, and it is tempting instead to try to use as much of ...
Whanaungatanga: Sybil-proof routing with social networks
Decentralized systems, such as distributed hash tables, are subject to the Sybil attack, in which an adversary creates many false identities to increase its influence. This paper proposes a routing protocol for a distributed ...
Information Flow for Secure Distributed Applications
Private and confidential information is increasingly stored online and increasingly being exposed due to human errors as well as malicious attacks. Information leaks threaten confidentiality, lead to lawsuits, damage ...
Toward Secure Services from Untrusted Developers
We present a secure service prototype built from untrusted,contributed code.The service manages private data for a variety of different users, anduser programs frequently require access to other users' private data.However, ...
Precise and Comprehensive Provenance Tracking for Android Devices
Detailed information about the paths that data take through a system is invaluable for understanding sources and behaviors of complex exfiltration malware. We present a new system, ClearScope, that tracks, at the level of ...
Comprehensive Java Metadata Tracking for Attack Detection and Repair
We present ClearTrack, a system that tracks 32 bits of metadata for each primitive value in Java programs to detect and nullify a range of vulnerabilities such as integer overflow and underflow vulnerabilities, SQL injection ...