Tools
Sorted by:
Try your query at:
 |
 |
 |
 |
 |
 |
Results 1 - 10
of
3,948
Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software
- In Network and Distributed Systems Security Symposium
, 2005
"... Software vulnerabilities have had a devastating effect on the Internet. Worms such as CodeRed and Slammer can compromise hundreds of thousands of hosts within hours or even minutes, and cause millions of dollars of damage [32, 51]. To successfully combat these fast automatic Internet attacks, we nee ..."
Abstract
-
Cited by 647 (32 self)
- Add to MetaCart
need fast automatic attack detection and filtering mechanisms. In this paper we propose dynamic taint analysis for automatic detection and analysis of overwrite attacks, which include most types of exploits. This approach does not need source code or special compilation for the monitored program
Yet Another MicroArchitectural Attack: Exploiting I-cache
- 14 th ACM Conference on Computer and Communications Security (ACM CCS’07) — Computer Security Architecture Workshop
, 2007
"... Abstract. MicroArchitectural Attacks (MA), which can be considered as a special form of Side-Channel Analysis, exploit microarchitectural functionalities of processor implementations and can compromise the security of computational environments even in the presence of sophisticated protection mechan ..."
Abstract
-
Cited by 55 (3 self)
- Add to MetaCart
Abstract. MicroArchitectural Attacks (MA), which can be considered as a special form of Side-Channel Analysis, exploit microarchitectural functionalities of processor implementations and can compromise the security of computational environments even in the presence of sophisticated protection
Friendin-the-middle attacks: Exploiting social networking sites for spam
- IEEE Internet Computing: Special Issue on Security and Privacy in Social Networks, 5 2011. Pre Print
"... In this work we present our friend-in-the-middle attacks on SNSs and how it can be used to harvest social data in an automated fashion. This social data can then be exploited for large-scale attacks such as context-aware spam and social-phishing. We prove the feasibility of our attack exemplary on F ..."
Abstract
-
Cited by 6 (3 self)
- Add to MetaCart
In this work we present our friend-in-the-middle attacks on SNSs and how it can be used to harvest social data in an automated fashion. This social data can then be exploited for large-scale attacks such as context-aware spam and social-phishing. We prove the feasibility of our attack exemplary
Blended Attacks Exploits, Vulnerabilities and Buffer-Overflow Techniques in Computer Viruses
- In Proc. of Virus Bulletin Conf
"... Exploits, vulnerabilities, and buffer-overflow techniques have been used by malicious hackers and virus writers for a long time. However, until recently, these techniques were not common place in computer viruses. The CodeRed worm was a major shock to the antivirus industry since it was the first wo ..."
Abstract
-
Cited by 8 (0 self)
- Add to MetaCart
Exploits, vulnerabilities, and buffer-overflow techniques have been used by malicious hackers and virus writers for a long time. However, until recently, these techniques were not common place in computer viruses. The CodeRed worm was a major shock to the antivirus industry since it was the first
A Unified Approach for Preventing Attacks Exploiting a Range of Software Vulnerabilities
- DEPARTMENT OF COMPUTER SCIENCE, STONY BROOK UNIVERSITY
, 2005
"... Software implementation bugs are behind most security vulnerabilities reported today. Our analysis of CVE vulnerabilities in 2003 and 2004 indicate that 20% of them were classified as DOS attacks, 30% are due to design errors, and almost every thing else is due to implementation errors. Among imp ..."
Abstract
-
Cited by 4 (0 self)
- Add to MetaCart
Software implementation bugs are behind most security vulnerabilities reported today. Our analysis of CVE vulnerabilities in 2003 and 2004 indicate that 20% of them were classified as DOS attacks, 30% are due to design errors, and almost every thing else is due to implementation errors. Among
Yet Another MicroArchitectural Attack: Exploiting I-cache
"... MicroArchitectural Attacks (MA), which can be considered as a special form of Side-Channel Analysis, exploit microar-chitectural functionalities of processor implementations and can compromise the security of computational environments even in the presence of sophisticated protection mechanisms like ..."
Abstract
- Add to MetaCart
MicroArchitectural Attacks (MA), which can be considered as a special form of Side-Channel Analysis, exploit microar-chitectural functionalities of processor implementations and can compromise the security of computational environments even in the presence of sophisticated protection mechanisms
The Anatomy of Cross Site Scripting Anatomy, Discovery, Attack, Exploitation
"... Cross site scripting (XSS) flaws are a relatively common issue in web application security, but they are still extremely lethal. They are unique in that, rather than attacking a server directly, they use a vulnerable server as a vector to attack a client. This can lead to ..."
Abstract
- Add to MetaCart
Cross site scripting (XSS) flaws are a relatively common issue in web application security, but they are still extremely lethal. They are unique in that, rather than attacking a server directly, they use a vulnerable server as a vector to attack a client. This can lead to
Channel switch and quiet attack: New DoS attacks exploiting the 802.11 standard
- Proceedings of the IEEE 34th Conference on Local Computer Networks, LCN (2009
"... Abstract—Network communication using unprotected air as a medium leads to unique challenges ensuring confidentiality, in-tegrity and availability. While newer amendments of IEEE 802.11 provide acceptable confidentiality and integrity, availability is still questionable despite broad usage of Wi-Fi t ..."
Abstract
-
Cited by 5 (0 self)
- Add to MetaCart
-Fi technologies for tasks where availability is critical. We will present new security weaknesses that we have identified in the 802.11 standard and especially the 802.11h amendment. Our results are underlined by an extensive analysis of attacks addressing the quiet informa-tion element and channel switch
Sybilguard: Defending against sybil attacks via social networks
- In ACM SIGCOMM ’06
, 2006
"... Peer-to-peer and other decentralized, distributed systems are known to be particularly vulnerable to sybil attacks. In a sybil attack, a malicious user obtains multiple fake identities and pretends to be multiple, distinct nodes in the system. By controlling a large fraction of the nodes in the syst ..."
Abstract
-
Cited by 331 (6 self)
- Add to MetaCart
Peer-to-peer and other decentralized, distributed systems are known to be particularly vulnerable to sybil attacks. In a sybil attack, a malicious user obtains multiple fake identities and pretends to be multiple, distinct nodes in the system. By controlling a large fraction of the nodes
All Your Screens are Belong to Us: Attacks Exploiting the HTML5 Screen Sharing API
"... Abstract—HTML5 changes many aspects in the browser world by introducing numerous new concepts; in particular, the new HTML5 screen sharing API impacts the security implications of browsers tremendously. One of the core assumptions on which browser security is built is that there is no cross-origin f ..."
Abstract
- Add to MetaCart
vision limitations, can introduce new vulnerabilities. An attacker can capture sensitive information from victim’s screen using the new API without the consensus of the victim. We investigate the security implications of the screen sharing API and discuss how existing defenses against traditional web
Results 1 - 10
of
3,948
