发布求助
文献互助 智能选刊 最新文献

Asia-Pacific Computer Systems Architecture Conference最新文献

筛选
英文 中文
Self-healing multitier architectures using cascading rescue points 使用级联救援点的自修复多层架构
Asia-Pacific Computer Systems Architecture Conference Pub Date : 2012-12-03 DOI: 10.1145/2420950.2421005
Angeliki Zavou, G. Portokalidis, A. Keromytis
{"title":"Self-healing multitier architectures using cascading rescue points","authors":"Angeliki Zavou, G. Portokalidis, A. Keromytis","doi":"10.1145/2420950.2421005","DOIUrl":"https://doi.org/10.1145/2420950.2421005","url":null,"abstract":"Software bugs and vulnerabilities cause serious problems to both home users and the Internet infrastructure, limiting the availability of Internet services, causing loss of data, and reducing system integrity. Software self-healing using rescue points (RPs) is a known mechanism for recovering from unforeseen errors. However, applying it on multitier architectures can be problematic because certain actions, like transmitting data over the network, cannot be undone. We propose cascading rescue points (CRPs) to address the state inconsistency issues that can arise when using traditional RPs to recover from errors in interconnected applications. With CRPs, when an application executing within a RP transmits data, the remote peer is notified to also perform a checkpoint, so the communicating entities checkpoint in a coordinated, but loosely coupled way. Notifications are also sent when RPs successfully complete execution, and when recovery is initiated, so that the appropriate action is performed by remote parties. We developed a tool that implements CRPs by dynamically instrumenting binaries and transparently injecting notifications in the already established TCP channels between applications. We tested our tool with various applications, including the MySQL and Apache servers, and show that it allows them to successfully recover from errors, while incurring moderate overhead between 4.54% and 71.56%.","PeriodicalId":397003,"journal":{"name":"Asia-Pacific Computer Systems Architecture Conference","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-12-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125576680","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 11
Permission evolution in the Android ecosystem Android生态系统中的权限演变
Asia-Pacific Computer Systems Architecture Conference Pub Date : 2012-12-03 DOI: 10.1145/2420950.2420956
Xuetao Wei, L. Gomez, Iulian Neamtiu, M. Faloutsos
{"title":"Permission evolution in the Android ecosystem","authors":"Xuetao Wei, L. Gomez, Iulian Neamtiu, M. Faloutsos","doi":"10.1145/2420950.2420956","DOIUrl":"https://doi.org/10.1145/2420950.2420956","url":null,"abstract":"Android uses a system of permissions to control how apps access sensitive devices and data stores. Unfortunately, we have little understanding of the evolution of Android permissions since their inception (2008). Is the permission model allowing the Android platform and apps to become more secure? In this paper, we present arguably the first long-term study that is centered around both permission evolution and usage, of the entire Android ecosystem (platform, third-party apps, and pre-installed apps). First, we study the Android platform to see how the set of permissions has evolved; we find that this set tends to grow, and the growth is not aimed towards providing finer-grained permissions but rather towards offering access to new hardware features; a particular concern is that the set of Dangerous permissions is increasing. Second, we study Android third-party and pre-installed apps to examine whether they follow the principle of least privilege. We find that this is not the case, as an increasing percentage of the popular apps we study are overprivileged. In addition, the apps tend to use more permissions over time. Third, we highlight some concerns with pre-installed apps, e.g., apps that vendors distribute with the phone; these apps have access to, and use, a larger set of higher-privileged permissions which pose security and privacy risks. At the risk of oversimplification, we state that the Android ecosystem is not becoming more secure from the user's point of view. Our study derives four recommendations for improving the Android security and suggests the need to revisit the practices and policies of the ecosystem.","PeriodicalId":397003,"journal":{"name":"Asia-Pacific Computer Systems Architecture Conference","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-12-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117193404","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 194
Towards network containment in malware analysis systems 恶意软件分析系统的网络遏制研究
Asia-Pacific Computer Systems Architecture Conference Pub Date : 2012-12-03 DOI: 10.1145/2420950.2421000
Mariano Graziano, Corrado Leita, D. Balzarotti
{"title":"Towards network containment in malware analysis systems","authors":"Mariano Graziano, Corrado Leita, D. Balzarotti","doi":"10.1145/2420950.2421000","DOIUrl":"https://doi.org/10.1145/2420950.2421000","url":null,"abstract":"This paper focuses on the containment and control of the network interaction generated by malware samples in dynamic analysis environments. A currently unsolved problem consists in the existing dependency between the execution of a malware sample and a number of external hosts (e.g. C&C servers). This dependency affects the repeatability of the analysis, since the state of these external hosts influences the malware execution but it is outside the control of the sandbox. This problem is also important from a containment point of view, because the network traffic generated by a malware sample is potentially of malicious nature and, therefore, it should not be allowed to reach external targets.\u0000 The approach proposed in this paper addresses the repeatability and the containment of malware execution by exploring the use of protocol learning techniques for the emulation of the external network environment required by malware samples. We show that protocol learning techniques, if properly used and configured, can be successfully used to handle the network interaction required by malware. We present our solution, Mozzie, and show its ability to autonomously learn the network interaction associated to recent malware samples without requiring a-priori knowledge of the protocol characteristics. Therefore, our system can be used for the contained and repeatable analysis of unknown samples that rely on custom protocols for their communication with external hosts.","PeriodicalId":397003,"journal":{"name":"Asia-Pacific Computer Systems Architecture Conference","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-12-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121864836","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 25
Abusing cloud-based browsers for fun and profit 滥用基于云的浏览器取乐和牟利
Asia-Pacific Computer Systems Architecture Conference Pub Date : 2012-12-03 DOI: 10.1145/2420950.2420984
Vasant Tendulkar, Ryan Snyder, Joe Pletcher, Kevin R. B. Butler, Ashwin Shashidharan, W. Enck
{"title":"Abusing cloud-based browsers for fun and profit","authors":"Vasant Tendulkar, Ryan Snyder, Joe Pletcher, Kevin R. B. Butler, Ashwin Shashidharan, W. Enck","doi":"10.1145/2420950.2420984","DOIUrl":"https://doi.org/10.1145/2420950.2420984","url":null,"abstract":"Cloud services have become a cheap and popular means of computing. They allow users to synchronize data between devices and relieve low-powered devices from heavy computations. In response to the surge of smartphones and mobile devices, several cloud-based Web browsers have become commercially available. These \"cloud browsers\" assemble and render Web pages within the cloud, executing JavaScript code for the mobile client. This paper explores how the computational abilities of cloud browsers may be exploited through a Browser MapReduce (BMR) architecture for executing large, parallel tasks. We explore the computation and memory limits of four cloud browsers, and demonstrate the viability of BMR by implementing a client based on a reverse engineering of the Puffin cloud browser. We implement and test three canonical MapReduce applications (word count, distributed grep, and distributed sort). While we perform experiments on relatively small amounts of data (100 MB) for ethical considerations, our results strongly suggest that current cloud browsers are a viable source of arbitrary free computing at large scale.","PeriodicalId":397003,"journal":{"name":"Asia-Pacific Computer Systems Architecture Conference","volume":"150 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-12-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132658236","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 11
Twitter games: how successful spammers pick targets Twitter游戏:成功的垃圾邮件制造者如何选择目标
Asia-Pacific Computer Systems Architecture Conference Pub Date : 2012-12-03 DOI: 10.1145/2420950.2421007
Vasumathi Sridharan, Vaibhav Shankar, Minaxi Gupta
{"title":"Twitter games: how successful spammers pick targets","authors":"Vasumathi Sridharan, Vaibhav Shankar, Minaxi Gupta","doi":"10.1145/2420950.2421007","DOIUrl":"https://doi.org/10.1145/2420950.2421007","url":null,"abstract":"Online social networks, such as Twitter, have soared in popularity and in turn have become attractive targets of spam. In fact, spammers have evolved their strategies to stay ahead of Twitter's anti-spam measures in this short period of time. In this paper, we investigate the strategies Twitter spammers employ to reach relevant target audiences. Due to their targeted approaches to send spam, we see evidence of a large number of the spam accounts forming relationships with other Twitter users, thereby becoming deeply embedded in the social network.\u0000 We analyze nearly 20 million tweets from about 7 million Twitter accounts over a period of five days. We identify a set of 14,230 spam accounts that manage to live longer than the other 73% of other spam accounts in our data set. We characterize their behavior, types of tweets they use, and how they target their audience. We find that though spam campaigns changed little from a recent work by Thomas et al., spammer strategies evolved much in the same short time span, causing us to sometimes find contradictory spammer behavior from what was noted in Thomas et al.'s work. Specifically, we identify four major strategies used by 2/3rd of the spammers in our data. The most popular of these was one where spammers targeted their own followers. The availability of various kinds of services that help garner followers only increases the popularity of this strategy. The evolution in spammer strategies we observed in our work suggests that studies like ours should be undertaken frequently to keep up with spammer evolution.","PeriodicalId":397003,"journal":{"name":"Asia-Pacific Computer Systems Architecture Conference","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-12-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115383395","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 38
Code shredding: byte-granular randomization of program layout for detecting code-reuse attacks 代码分解:用于检测代码重用攻击的程序布局的字节粒度随机化
Asia-Pacific Computer Systems Architecture Conference Pub Date : 2012-12-03 DOI: 10.1145/2420950.2420996
Eitaro Shioji, Yuhei Kawakoya, Makoto Iwamura, Takeo Hariu
{"title":"Code shredding: byte-granular randomization of program layout for detecting code-reuse attacks","authors":"Eitaro Shioji, Yuhei Kawakoya, Makoto Iwamura, Takeo Hariu","doi":"10.1145/2420950.2420996","DOIUrl":"https://doi.org/10.1145/2420950.2420996","url":null,"abstract":"Code-reuse attacks by corrupting memory address pointers have been a major threat of software for many years. There have been numerous defenses proposed for countering this threat, but majority of them impose strict restrictions on software deployment such as requiring recompilation with a custom compiler, or causing integrity problems due to program modification. One notable exception is ASLR(address space layout randomization) which is a widespread defense free of such burdens, but is also known to be penetrated by a class of attacks that takes advantage of its coarse randomization granularity. Focusing on minimizing randomization granularity while also possessing these advantages of ASLR to the greatest extent, we propose a novel defensive approach called code shredding: a defensive scheme based on the idea of embedding the checksum value of a memory address as a part of itself. This simple yet effective approach hinders designation of specific address used in code-reuse attacks, by giving attackers an illusion of program code shredded into pieces at byte granularity and dispersed randomly over memory space. We show our design and implementation of a proof-of-concept prototype system for the Windows platform and the results from several experiments conducted to confirm its feasibility and performance overheads.","PeriodicalId":397003,"journal":{"name":"Asia-Pacific Computer Systems Architecture Conference","volume":"33 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-12-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123569475","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 23
VAMO: towards a fully automated malware clustering validity analysis VAMO:迈向一个完全自动化的恶意软件聚类有效性分析
Asia-Pacific Computer Systems Architecture Conference Pub Date : 2012-12-03 DOI: 10.1145/2420950.2420999
R. Perdisci, U. ManChon
{"title":"VAMO: towards a fully automated malware clustering validity analysis","authors":"R. Perdisci, U. ManChon","doi":"10.1145/2420950.2420999","DOIUrl":"https://doi.org/10.1145/2420950.2420999","url":null,"abstract":"Malware clustering is commonly applied by malware analysts to cope with the increasingly growing number of distinct malware variants collected every day from the Internet. While malware clustering systems can be useful for a variety of applications, assessing the quality of their results is intrinsically hard. In fact, clustering can be viewed as an unsupervised learning process over a dataset for which the complete ground truth is usually not available. Previous studies propose to evaluate malware clustering results by leveraging the labels assigned to the malware samples by multiple anti-virus scanners (AVs). However, the methods proposed thus far require a (semi-)manual adjustment and mapping between labels generated by different AVs, and are limited to selecting a reference sub-set of samples for which an agreement regarding their labels can be reached across a majority of AVs. This approach may bias the reference set towards \"easy to cluster\" malware samples, thus potentially resulting in an overoptimistic estimate of the accuracy of the malware clustering results.\u0000 In this paper we propose VAMO, a system that provides a fully automated quantitative analysis of the validity of malware clustering results. Unlike previous work, VAMO does not seek a majority voting-based consensus across different AV labels, and does not discard the malware samples for which such a consensus cannot be reached. Rather, VAMO explicitly deals with the inconsistencies typical of multiple AV labels to build a more representative reference set, compared to majority voting-based approaches. Furthermore, VAMO avoids the need of a (semi-)manual mapping between AV labels from different scanners that was required in previous work. Through an extensive evaluation in a controlled setting and a real-world application, we show that VAMO outperforms majority voting-based approaches, and provides a better way for malware analysts to automatically assess the quality of their malware clustering results.","PeriodicalId":397003,"journal":{"name":"Asia-Pacific Computer Systems Architecture Conference","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-12-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126468145","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 65
Hi-Fi: collecting high-fidelity whole-system provenance Hi-Fi:采集高保真全系统出处
Asia-Pacific Computer Systems Architecture Conference Pub Date : 2012-12-03 DOI: 10.1145/2420950.2420989
Devin J. Pohly, Stephen E. McLaughlin, P. Mcdaniel, Kevin R. B. Butler
{"title":"Hi-Fi: collecting high-fidelity whole-system provenance","authors":"Devin J. Pohly, Stephen E. McLaughlin, P. Mcdaniel, Kevin R. B. Butler","doi":"10.1145/2420950.2420989","DOIUrl":"https://doi.org/10.1145/2420950.2420989","url":null,"abstract":"Data provenance---a record of the origin and evolution of data in a system---is a useful tool for forensic analysis. However, existing provenance collection mechanisms fail to achieve sufficient breadth or fidelity to provide a holistic view of a system's operation over time. We present Hi-Fi, a kernel-level provenance system which leverages the Linux Security Modules framework to collect high-fidelity whole-system provenance. We demonstrate that Hi-Fi is able to record a variety of malicious behavior within a compromised system. In addition, our benchmarks show the collection overhead from Hi-Fi to be less than 1% for most system calls and 3% in a representative workload, while simultaneously generating a system measurement that fully reflects system evolution. In this way, we show that we can collect broad, high-fidelity provenance data which is capable of supporting detailed forensic analysis.","PeriodicalId":397003,"journal":{"name":"Asia-Pacific Computer Systems Architecture Conference","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-12-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129378398","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 152
TrueErase: per-file secure deletion for the storage data path TrueErase:按文件安全删除存储数据路径
Asia-Pacific Computer Systems Architecture Conference Pub Date : 2012-12-03 DOI: 10.1145/2420950.2421013
S. Diesburg, Christopher R. Meyers, M. Stanovich, Michael Mitchell, Justin Marshall, J. Gould, An-I Wang, G. Kuenning
{"title":"TrueErase: per-file secure deletion for the storage data path","authors":"S. Diesburg, Christopher R. Meyers, M. Stanovich, Michael Mitchell, Justin Marshall, J. Gould, An-I Wang, G. Kuenning","doi":"10.1145/2420950.2421013","DOIUrl":"https://doi.org/10.1145/2420950.2421013","url":null,"abstract":"The ability to securely delete sensitive data from electronic storage is becoming important. However, current per-file deletion solutions tend to be limited to a segment of the operating system's storage data path or specific to particular file systems or storage media.\u0000 This paper introduces TrueErase, a holistic secure-deletion framework. Through its design, implementation, verification, and evaluation, TrueErase shows that it is possible to build a legacy-compatible full-storage-data-path framework that performs per-file secure deletion and works with common file systems and solid-state storage, while handling common system failures. In addition, this framework can serve as a building block for encryption- and tainting-based secure-deletion systems.","PeriodicalId":397003,"journal":{"name":"Asia-Pacific Computer Systems Architecture Conference","volume":"1999 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-12-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128226311","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 41
Trust engineering: rejecting the tyranny of the weakest link 信任工程:拒绝最薄弱环节的暴政
Asia-Pacific Computer Systems Architecture Conference Pub Date : 2012-12-03 DOI: 10.1145/2420950.2420973
Susan Alexander
{"title":"Trust engineering: rejecting the tyranny of the weakest link","authors":"Susan Alexander","doi":"10.1145/2420950.2420973","DOIUrl":"https://doi.org/10.1145/2420950.2420973","url":null,"abstract":"In 2002 [1], the National Security Agency's Information Assurance Research Group coined the term, trust engineering, to describe a methodology for making use of software of uncertain provenance in mission-critical systems. Today, the loss of control that made software so hard to trust then applies to the rest of the supply chain as well. The discipline we described in the internal paper, <u>Trust-engineering: An Assurance Strategy for Software-based Systems</u>, no longer seems heretical today, even at NSA. Ten years later, we revisit the principles of trust engineering, compare the mechanisms available to us today with the practices of the past, and explore the construction of systems that are stronger than their weakest link.","PeriodicalId":397003,"journal":{"name":"Asia-Pacific Computer Systems Architecture Conference","volume":"118 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-12-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114173214","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信