发布求助
文献互助 智能选刊 最新文献

2009 30th IEEE Symposium on Security and Privacy最新文献

筛选
英文 中文
Exploiting Unix File-System Races via Algorithmic Complexity Attacks 通过算法复杂性攻击利用Unix文件系统竞争
2009 30th IEEE Symposium on Security and Privacy Pub Date : 2009-05-17 DOI: 10.1109/SP.2009.10
Xiang Cai, Yuwei Gui, Rob Johnson
{"title":"Exploiting Unix File-System Races via Algorithmic Complexity Attacks","authors":"Xiang Cai, Yuwei Gui, Rob Johnson","doi":"10.1109/SP.2009.10","DOIUrl":"https://doi.org/10.1109/SP.2009.10","url":null,"abstract":"We defeat two proposed Unix file-system race condition defense mechanisms. First, we attack the probabilistic defense mechanism of Tsafrir, et al., published at USENIX FAST 2008. We then show that the same attack breaks the kernel-based dynamic race detector of Tsyrklevich and Yee, published at USENIX Security 2003. We then argue that all kernel-based dynamic race detectors must have a model of the programs they protect or provide imperfect protection. The techniques we develop for performing these attacks work on multiple Unix operating systems, on uni- and multi-processors, and are useful for exploiting most Unix file-system races. We conclude that programmers should use provably-secure methods for avoiding race conditions when accessing the file-system.","PeriodicalId":161757,"journal":{"name":"2009 30th IEEE Symposium on Security and Privacy","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125823916","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 66
Pretty-Bad-Proxy: An Overlooked Adversary in Browsers' HTTPS Deployments 相当糟糕的代理:浏览器HTTPS部署中被忽视的对手
2009 30th IEEE Symposium on Security and Privacy Pub Date : 2009-05-17 DOI: 10.1109/SP.2009.12
Shuo Chen, Ziqing Mao, Yi-Min Wang, Ming Zhang
{"title":"Pretty-Bad-Proxy: An Overlooked Adversary in Browsers' HTTPS Deployments","authors":"Shuo Chen, Ziqing Mao, Yi-Min Wang, Ming Zhang","doi":"10.1109/SP.2009.12","DOIUrl":"https://doi.org/10.1109/SP.2009.12","url":null,"abstract":"HTTPS is designed to provide secure web communications over insecure networks. The protocol itself has been rigorously designed and evaluated by assuming the network as an adversary. This paper is motivated by our curiosity about whether such an adversary has been carefully examined when HTTPS is integrated into the browser/web systems. We focus on a specific adversary named “Pretty-Bad-Proxy” (PBP). PBP is a malicious proxy targeting browsers’ rendering modules above the HTTP/HTTPS layer. It attempts to break the end-to-end security guarantees of HTTPS without breaking any cryptographic scheme. We discovered a set of vulnerabilities exploitable by a PBP: in many realistic network environments where attackers can sniff the browser traffic, they can steal sensitive data from an HTTPS server, fake an HTTPS page and impersonate an authenticated user to access an HTTPS server. These vulnerabilities reflect the neglects in the design of modern browsers – they affect multiple major browsers and a large number of websites. We believe that the PBP adversary has not been rigorously examined in the browser/web industry. The vendors of the affected browsers have all confirmed the vulnerabilities reported in this paper. Most of them have patched or planned on patching their browsers. We believe the attack scenarios described in this paper may only be a subset of the vulnerabilities under PBP. Thus further (and more rigorous) evaluations of the HTTPS deployments in browsers appear to be necessary.","PeriodicalId":161757,"journal":{"name":"2009 30th IEEE Symposium on Security and Privacy","volume":"69 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115738007","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 26
Secure Content Sniffing for Web Browsers, or How to Stop Papers from Reviewing Themselves 安全内容嗅探网络浏览器,或如何阻止文件审查自己
2009 30th IEEE Symposium on Security and Privacy Pub Date : 2009-05-17 DOI: 10.1109/SP.2009.3
A. Barth, Juan Caballero, D. Song
{"title":"Secure Content Sniffing for Web Browsers, or How to Stop Papers from Reviewing Themselves","authors":"A. Barth, Juan Caballero, D. Song","doi":"10.1109/SP.2009.3","DOIUrl":"https://doi.org/10.1109/SP.2009.3","url":null,"abstract":"Cross-site scripting defenses often focus on HTML documents, neglecting attacks involving the browser's content-sniffing algorithm, which can treat non-HTML content as HTML. Web applications, such as the one that manages this conference, must defend themselves against these attacks or risk authors uploading malicious papers that automatically submit stellar self-reviews. In this paper, we formulate content-sniffing XSS attacks and defenses. We study content-sniffing XSS attacks systematically by constructing high-fidelity models of the content-sniffing algorithms used by four major browsers. We compare these models with Web site content filtering policies to construct attacks. To defend against these attacks, we propose and implement a principled content-sniffing algorithm that provides security while maintaining compatibility. Our principles have been adopted, in part, by Internet Explorer 8 and, in full, by Google Chrome and the HTML 5 working group.","PeriodicalId":161757,"journal":{"name":"2009 30th IEEE Symposium on Security and Privacy","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124640546","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 118
Native Client: A Sandbox for Portable, Untrusted x86 Native Code 原生客户端:可移植的、不受信任的x86原生代码的沙箱
2009 30th IEEE Symposium on Security and Privacy Pub Date : 2009-05-17 DOI: 10.1145/1629175.1629203
Bennet S. Yee, D. Sehr, Gregory Dardyk, J. B. Chen, R. Muth, Tavis Ormandy, S. Okasaka, Neha Narula, Nicholas Fullagar
{"title":"Native Client: A Sandbox for Portable, Untrusted x86 Native Code","authors":"Bennet S. Yee, D. Sehr, Gregory Dardyk, J. B. Chen, R. Muth, Tavis Ormandy, S. Okasaka, Neha Narula, Nicholas Fullagar","doi":"10.1145/1629175.1629203","DOIUrl":"https://doi.org/10.1145/1629175.1629203","url":null,"abstract":"This paper describes the design, implementation and evaluation of Native Client, a sandbox for untrusted x86 native code. Native Client aims to give browser-based applications the computational performance of native applications without compromising safety. Native Client uses software fault isolation and a secure runtime to direct system interaction and side effects through interfaces managed by Native Client. Native Client provides operating system portability for binary code while supporting performance-oriented features generally absent from web application programming environments, such as thread support, instruction set extensions such as SSE, and use of compiler intrinsics and hand-coded assembler. We combine these properties in an open architecture that encourages community review and 3rd-party tools.","PeriodicalId":161757,"journal":{"name":"2009 30th IEEE Symposium on Security and Privacy","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127825977","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 727
Automatic Discovery and Quantification of Information Leaks 信息泄漏的自动发现与量化
2009 30th IEEE Symposium on Security and Privacy Pub Date : 2009-05-17 DOI: 10.1109/SP.2009.18
M. Backes, Boris Köpf, A. Rybalchenko
{"title":"Automatic Discovery and Quantification of Information Leaks","authors":"M. Backes, Boris Köpf, A. Rybalchenko","doi":"10.1109/SP.2009.18","DOIUrl":"https://doi.org/10.1109/SP.2009.18","url":null,"abstract":"Information-flow analysis is a powerful technique for reasoning about the sensitive information exposed by a program during its execution. We present the first automatic method for information-flow analysis that discovers what information is leaked and computes its comprehensive quantitative interpretation. The leaked information is characterized by an equivalence relation on secret artifacts, and is represented by a logical assertion over the corresponding program variables. Our measurement procedure computes the number of discovered equivalence classes and their sizes. This provides a basis for computing a set of quantitative properties, which includes all established information-theoretic measures in quantitative information-flow. Our method exploits an inherent connection between formal models of qualitative information-flow and program verification techniques. We provide an implementation of our method that builds upon existing tools for program verification and information-theoretic analysis. Our experimental evaluation indicates the practical applicability of the presented method.","PeriodicalId":161757,"journal":{"name":"2009 30th IEEE Symposium on Security and Privacy","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128424526","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 220
Formally Certifying the Security of Digital Signature Schemes 正式验证数字签名方案的安全性
2009 30th IEEE Symposium on Security and Privacy Pub Date : 2009-05-17 DOI: 10.1109/SP.2009.17
Santiago Zanella Béguelin, G. Barthe, B. Grégoire, Federico Olmedo
{"title":"Formally Certifying the Security of Digital Signature Schemes","authors":"Santiago Zanella Béguelin, G. Barthe, B. Grégoire, Federico Olmedo","doi":"10.1109/SP.2009.17","DOIUrl":"https://doi.org/10.1109/SP.2009.17","url":null,"abstract":"We present two machine-checked proofs of the existentialunforgeability under adaptive chosen-message attacks of the FullDomain Hash signature scheme. These proofs formalize the originalargument of Bellare and Rogaway, and an optimal reduction by Coronthat provides a tighter bound on the probability of a forgery. Bothproofs are developed using CertiCrypt, a general framework toformalize exact security proofs of cryptographic systems in thecomputational model. Since CertiCrypt is implemented on top of theCoq proof assistant, the proofs are highly trustworthy and can beverified independently and fully automatically.","PeriodicalId":161757,"journal":{"name":"2009 30th IEEE Symposium on Security and Privacy","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116048516","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 25
Fingerprinting Blank Paper Using Commodity Scanners 使用商品扫描仪对空白纸张进行指纹识别
2009 30th IEEE Symposium on Security and Privacy Pub Date : 2009-05-17 DOI: 10.1109/SP.2009.7
W. Clarkson, T. Weyrich, Adam Finkelstein, N. Heninger, J. A. Halderman, E. Felten
{"title":"Fingerprinting Blank Paper Using Commodity Scanners","authors":"W. Clarkson, T. Weyrich, Adam Finkelstein, N. Heninger, J. A. Halderman, E. Felten","doi":"10.1109/SP.2009.7","DOIUrl":"https://doi.org/10.1109/SP.2009.7","url":null,"abstract":"We develop a novel technique for authenticating physical documents by using random, naturally occurring imperfections in paper texture. To this end, we devised a new method for measuring the three-dimensional surface of a paper without modifying the document in any way, using only a commodity scanner. From this physical feature, we generate a concise fingerprint that uniquely identifies the document. Our method is secure against counterfeiting, robust to harsh handling, and applicable even before any content is printed on a page. It has a wide range of applications, including detecting forged currency and tickets, authenticating passports, and halting counterfeit goods. On a more sinister note, document identification could be used to de-anonymize printed surveys and to compromise the secrecy of paper ballots.","PeriodicalId":161757,"journal":{"name":"2009 30th IEEE Symposium on Security and Privacy","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129529931","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 100
Plaintext Recovery Attacks against SSH 针对SSH的明文恢复攻击
2009 30th IEEE Symposium on Security and Privacy Pub Date : 2009-05-17 DOI: 10.1109/SP.2009.5
Martin R. Albrecht, K. Paterson, Gaven J. Watson
{"title":"Plaintext Recovery Attacks against SSH","authors":"Martin R. Albrecht, K. Paterson, Gaven J. Watson","doi":"10.1109/SP.2009.5","DOIUrl":"https://doi.org/10.1109/SP.2009.5","url":null,"abstract":"This paper presents a variety of plaintext-recovering attacks against SSH. We implemented a proof of concept of our attacks against OpenSSH, where we can verifiably recover 14 bits of plaintext from an arbitrary block of ciphertext with probability $2^{-14}$ and 32 bits of plaintext from an arbitrary block of ciphertext with probability $2^{-18}$. These attacks assume the default configuration of a 128-bit block cipher operating in CBC mode. The paper explains why a combination of flaws in the basic design of SSH leads implementations such as OpenSSH to be open to our attacks, why current provable security results for SSH do not cover our attacks, and how the attacks can be prevented in practice.","PeriodicalId":161757,"journal":{"name":"2009 30th IEEE Symposium on Security and Privacy","volume":"59 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116754953","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 114
Privacy Weaknesses in Biometric Sketches 生物识别草图中的隐私缺陷
2009 30th IEEE Symposium on Security and Privacy Pub Date : 2009-05-17 DOI: 10.1109/SP.2009.24
K. Simoens, P. Tuyls, B. Preneel
{"title":"Privacy Weaknesses in Biometric Sketches","authors":"K. Simoens, P. Tuyls, B. Preneel","doi":"10.1109/SP.2009.24","DOIUrl":"https://doi.org/10.1109/SP.2009.24","url":null,"abstract":"The increasing use of biometrics has given rise to new privacy concerns. Biometric encryption systems have been proposed in order to alleviate such concerns: rather than comparing the biometric data directly, a key is derived from these data and subsequently knowledge of this key is proved. One specific application of biometric encryption is the use of biometric sketches: in this case biometric template data are protected with biometric encryption. We address the question whether one can undermine a user's privacy given access to biometrically encrypted documents, and more in particular, we examine if an attacker can determine whether two documents were encrypted using the same biometric. This is a particular concern for biometric sketches that are deployed in multiple locations: in one scenario the same biometric sketch is deployed everywhere; in a second scenario the same biometric data is protected with two different biometric sketches. We present attacks on template protection schemes that can be described as fuzzy sketches based on error-correcting codes. We demonstrate how to link and reverse protected templates produced by code-offset and bit-permutation sketches.","PeriodicalId":161757,"journal":{"name":"2009 30th IEEE Symposium on Security and Privacy","volume":"26 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126472854","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 191
Noninterference for a Practical DIFC-Based Operating System 一种实用的基于difc的操作系统的抗干扰性
2009 30th IEEE Symposium on Security and Privacy Pub Date : 2009-05-17 DOI: 10.1109/SP.2009.23
M. Krohn, Eran Tromer
{"title":"Noninterference for a Practical DIFC-Based Operating System","authors":"M. Krohn, Eran Tromer","doi":"10.1109/SP.2009.23","DOIUrl":"https://doi.org/10.1109/SP.2009.23","url":null,"abstract":"The Flume system is an implementation of decentralized information flow control (DIFC) at the operating system level. Prior work has shown Flume can be implemented as a practical extension tothe Linux operating system, allowing real Web applications to achieve useful security guarantees. However, the question remains if the Flume system is actually secure. This paper compares Flume with other recent DIFC systems like Asbestos, arguing that the latter is inherently susceptible to certain wide-bandwidth covert channels, and proving their absence in Flume by means of a noninterference proof in the Communicating Sequential Processes formalism.","PeriodicalId":161757,"journal":{"name":"2009 30th IEEE Symposium on Security and Privacy","volume":"44 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114640726","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 66
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信