| dc.contributor.author | Chen, Haogang | |
| dc.contributor.author | Cutler, Cody | |
| dc.contributor.author | Kim, Taesoo | |
| dc.contributor.author | Mao, Yandong | |
| dc.contributor.author | Wang, Xi | |
| dc.contributor.author | Zeldovich, Nickolai | |
| dc.contributor.author | Kaashoek, M. Frans | |
| dc.date.accessioned | 2014-05-09T13:12:29Z | |
| dc.date.available | 2014-05-09T13:12:29Z | |
| dc.date.issued | 2013-07 | |
| dc.identifier.isbn | 9781450323161 | |
| dc.identifier.uri | http://hdl.handle.net/1721.1/86887 | |
| dc.description.abstract | Because embedded interpreters offer flexibility and performance, they are becoming more prevalent, and can be found at nearly every level of the software stack. As one example, the Linux kernel defines languages to describe packet filtering rules and uses embedded interpreters to filter packets at run time. As another example, the RAR archive format allows embedding bytecode in compressed files to describe reversible transformations for decompression. This paper presents an analysis of common pitfalls in embedded interpreter implementations, which can lead to security vulnerabilities, and their impact. We hope that these results are useful both in augmenting existing embedded interpreters and in aiding developers in building new, more secure embedded interpreters. | en_US |
| dc.description.sponsorship | United States. Defense Advanced Research Projects Agency. Clean-slate design of Resilient, Adaptive, Secure Hosts (Contract N66001-10-2-4089) | en_US |
| dc.description.sponsorship | National Science Foundation (U.S.) (Award CNS-1053143) | en_US |
| dc.language.iso | en_US | |
| dc.publisher | Edition Open Access | en_US |
| dc.relation.isversionof | http://dx.doi.org/10.1145/2500727.2500747 | en_US |
| dc.rights | Creative Commons Attribution-Noncommercial-Share Alike | en_US |
| dc.rights.uri | http://creativecommons.org/licenses/by-nc-sa/4.0/ | en_US |
| dc.source | MIT web domain | en_US |
| dc.title | Security bugs in embedded interpreters | en_US |
| dc.type | Article | en_US |
| dc.identifier.citation | Haogang Chen, Cody Cutler, Taesoo Kim, Yandong Mao, Xi Wang, Nickolai Zeldovich, and M. Frans Kaashoek. 2013. Security bugs in embedded interpreters. In Proceedings of the 4th Asia-Pacific Workshop on Systems (APSys '13). ACM, New York, NY, USA, Article 17, 7 pages. | en_US |
| dc.contributor.department | Massachusetts Institute of Technology. Computer Science and Artificial Intelligence Laboratory | en_US |
| dc.contributor.department | Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science | en_US |
| dc.contributor.mitauthor | Chen, Haogang | en_US |
| dc.contributor.mitauthor | Cutler, Cody | en_US |
| dc.contributor.mitauthor | Kim, Taesoo | en_US |
| dc.contributor.mitauthor | Mao, Yandong | en_US |
| dc.contributor.mitauthor | Wang, Xi | en_US |
| dc.contributor.mitauthor | Zeldovich, Nickolai | en_US |
| dc.contributor.mitauthor | Kaashoek, M. Frans | en_US |
| dc.relation.journal | Proceedings of the 4th Asia-Pacific Workshop on Systems (APSys '13) | en_US |
| dc.eprint.version | Author's final manuscript | en_US |
| dc.type.uri | http://purl.org/eprint/type/ConferencePaper | en_US |
| eprint.status | http://purl.org/eprint/status/NonPeerReviewed | en_US |
| dspace.orderedauthors | Chen, Haogang; Cutler, Cody; Kim, Taesoo; Mao, Yandong; Wang, Xi; Zeldovich, Nickolai; Kaashoek, M. Frans | en_US |
| dc.identifier.orcid | https://orcid.org/0000-0003-0238-2703 | |
| dc.identifier.orcid | https://orcid.org/0000-0002-2898-1686 | |
| dc.identifier.orcid | https://orcid.org/0000-0002-2942-9981 | |
| dc.identifier.orcid | https://orcid.org/0000-0001-7098-586X | |
| mit.license | OPEN_ACCESS_POLICY | en_US |
| mit.metadata.status | Complete | |
