Now showing items 1-10 of 21
Unearthing Stealthy Program Attacks Buried in Extremely Long Execution Paths
Modern stealthy exploits can achieve attack goals without introducing illegal control flows, e.g., tampering with noncontrol data and waiting for the modified data to propagate and alter the control flow legally. Existing ...
Secure Coding Practices in Java: Challenges and Vulnerabilities
(Virginia Tech, 2017-09-28)
Java platform and third-party libraries provide various security features to facilitate secure coding. However, misusing these features can cost tremendous time and effort of developers or cause security vulnerabilities ...
Enterprise data breach: causes, challenges, prevention, and future directions
A data breach is the intentional or inadvertent exposure of confidential information to unauthorized parties. In the digital era, data has become one of the most critical components of an enterprise. Data leakage poses ...
Process Authentication for High System Assurance
(IEEE Computer Society, 2013-07-11)
This paper points out the need in modern operating system kernels for a process authentication mechanism, where a process of a user-level application proves its identity to the kernel. Process authentication is different ...
Keystroke-Dynamics Authentication Against Synthetic Forgeries
We describe the use of keystroke-dynamics patterns for authentication and detecting infected hosts, and evaluate its robustness against forgery attacks. Specifically, we present a remote authentication framework called ...
Personal Anomaly Detection and Smart-Phone Security
(Virginia Tech, 2010-04-22)
Mobile devices increasingly become the computing platform for networked applications such as Web and email. This development requires strong guarantees on the system integrity and data security of mobile devices against ...
User-Centric Dependence Analysis For Identifying Malicious Mobile Apps
This paper describes an efficient approach for identifying malicious Android mobile applications through specialized static program analysis. Our solution performs offline analysis and enforces the normal properties of ...
Provably Secure Anonymous-yet-Accountable Crowdsensing with Scalable Sublinear Revocation
(De Gruyter Open, 2017)
Group signature schemes enable anonymous-yetaccountable communications. Such a capability is extremely useful for applications, such as smartphone-based crowdsensing and citizen science. However, the performance of modern ...
Rapid Screening of Transformed Data Leaks with Efficient Algorithms and Parallel Computing
The leak of sensitive data on computer systems poses a serious threat to organizational security. Organizations need to identify the exposure of sensitive data by screening the content in storage and transmission, i.e., ...
Fast Detection of Transformed Data Leaks
(Ieee-Inst Electrical Electronics Engineers Inc, 2016-03-01)