{"title":"Secure and Flexible Monitoring of Virtual Machines","authors":"B. Payne, Wenke Lee","doi":"10.1109/ACSAC.2007.10","DOIUrl":"https://doi.org/10.1109/ACSAC.2007.10","url":null,"abstract":"The monitoring of virtual machines has many applications in areas such as security and systems management. A monitoring technique known as introspection has received significant discussion in the research literature, but these prior works have focused on the applications of introspection rather than how to properly build a monitoring architecture. In this paper we propose a set of requirements that should guide the development of virtual machine monitoring solutions. To illustrate the viability of these requirements, we describe the design of XenAccess, a monitoring library for operating systems running on Xen. XenAccess incorporates virtual memory introspection and virtual disk monitoring capabilities, allowing monitor applications to safely and efficiently access the memory state and disk activity of a target operating system. XenAccess' efficiency and functionality are illustrated through a series of performance tests and practical examples.","PeriodicalId":199101,"journal":{"name":"Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007)","volume":"90 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134166766","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Extensible Pre-authentication Kerberos","authors":"Phillip L. Hellewell, K. Seamons","doi":"10.1109/ACSAC.2007.33","DOIUrl":"https://doi.org/10.1109/ACSAC.2007.33","url":null,"abstract":"Kerberos is a well-established authentication system. As new authentication methods arise, incorporating them into Kerberos is desirable. However, extending Kerberos poses challenges due to a lack of source code availability for some implementations and a lengthy standardization process. This paper presents Extensible Pre-Authentication in Kerberos (EPAK), a Kerberos extension that enables many authentication methods to be loosely coupled with Kerberos, without further modification to Kerberos. To demonstrate the utility of the framework, two authentication methods for open systems are presented that have been implemented as Kerberos extensions using EPAK. These extensions illustrate the flexibility EPAK brings to Kerberos while maintaining backwards compatibility.","PeriodicalId":199101,"journal":{"name":"Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007)","volume":"254 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132848797","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Centralized Security Labels in Decentralized P2P Networks","authors":"Nathalie Tsybulnik, Kevin W. Hamlen, B. Thuraisingham","doi":"10.1109/ACSAC.2007.13","DOIUrl":"https://doi.org/10.1109/ACSAC.2007.13","url":null,"abstract":"This paper describes the design of a peer-to-peer network that supports integrity and confidentiality labeling of shared data. A notion of data ownership privacy is also enforced, whereby peers can share data without revealing which data they own. Security labels are global but the implementation does not require a centralized label server. The network employs a reputation-based trust management system to assess and update data labels, and to store and retrieve labels safely in the presence of malicious peers. The security labeling scheme preserves the efficiency of network operations; lookup cost including label retrieval is O(log N), where N is the number of agents in the network.","PeriodicalId":199101,"journal":{"name":"Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007)","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124749967","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Efficiency Issues of Rete-Based Expert Systems for Misuse Detection","authors":"M. Meier, U. Flegel, Sebastian Schmerl","doi":"10.1109/ACSAC.2007.22","DOIUrl":"https://doi.org/10.1109/ACSAC.2007.22","url":null,"abstract":"This paper provides a general and comprehensive approach to implementing misuse detection on expert systems and an in-depth analysis of the effectiveness of the optimization strategies of the Rete algorithm wrt. the general implementation approach. General efficiency limits of Rete-based expert systems in the domain of misuse detection are determined analytically and validated experimentally. We conclude that expert systems may still have their merit in rapid prototyping of misuse detection IDSs, but they should not be considered for modern production systems.","PeriodicalId":199101,"journal":{"name":"Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007)","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124962400","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}