Dynamic vs. static flow-sensitive security analysis
A Russo, A Sabelfeld - 2010 23rd IEEE Computer Security …, 2010 - ieeexplore.ieee.org
This paper seeks to answer fundamental questions about trade-offs between static and
dynamic security analysis. It has been previously shown that flow-sensitive static information …
dynamic security analysis. It has been previously shown that flow-sensitive static information …
Edit automata: Enforcement mechanisms for run-time security policies
We analyze the space of security policies that can be enforced by monitoring and modifying
programs at run time. Our program monitors, called edit automata, are abstract machines …
programs at run time. Our program monitors, called edit automata, are abstract machines …
Fast detection of scanning worm infections
SE Schechter, J Jung, AW Berger - … September 15-17, 2004. Proceedings 7, 2004 - Springer
Worm detection and response systems must act quickly to identify and quarantine scanning
worms, as when left unchecked such worms have been able to infect the majority of …
worms, as when left unchecked such worms have been able to infect the majority of …
What can you verify and enforce at runtime?
The underlying property, its definition, and representation play a major role when monitoring
a system. Having a suitable and convenient framework to express properties is thus a …
a system. Having a suitable and convenient framework to express properties is thus a …
[图书][B] The inlined reference monitor approach to security policy enforcement
U Erlingsson - 2004 - search.proquest.com
Embedding security enforcement code into applications is an alternative to traditional
security mechanisms. This dissertation supports the thesis that such Inlined Reference …
security mechanisms. This dissertation supports the thesis that such Inlined Reference …
Run-time enforcement of nonsafety policies
A common mechanism for ensuring that software behaves securely is to monitor programs at
run time and check that they dynamically adhere to constraints specified by a security policy …
run time and check that they dynamically adhere to constraints specified by a security policy …
[图书][B] Semantics of types for mutable state
AJ Ahmed - 2004 - search.proquest.com
Proof-carrying code (PCC) is a framework for mechanically verifying the safety of machine
language programs. A program that is successfully verified by a PCC system is guaranteed …
language programs. A program that is successfully verified by a PCC system is guaranteed …
Seismic: Secure in-lined script monitors for interrupting cryptojacks
A method of detecting and interrupting unauthorized, browser-based cryptomining is
proposed, based on semantic signature-matching. The approach addresses a new wave of …
proposed, based on semantic signature-matching. The approach addresses a new wave of …
Runtime enforcement monitors: composition, synthesis, and enforcement abilities
Runtime enforcement is a powerful technique to ensure that a program will respect a given
set of properties. We extend previous work on this topic in several directions. Firstly, we …
set of properties. We extend previous work on this topic in several directions. Firstly, we …
[图书][B] The compiler design handbook: optimizations and machine code generation
YN Srikant, P Shankar - 2002 - taylorfrancis.com
The widespread use of object-oriented languages and Internet security concerns are just the
beginning. Add embedded systems, multiple memory banks, highly pipelined units …
beginning. Add embedded systems, multiple memory banks, highly pipelined units …