2017 IEEE Symposium on Security and Privacy (SP)最新文献

筛选
英文 中文
Backward-Bounded DSE: Targeting Infeasibility Questions on Obfuscated Codes 后界DSE:针对混淆代码的不可行性问题
2017 IEEE Symposium on Security and Privacy (SP) Pub Date : 2017-05-01 DOI: 10.1109/SP.2017.36
Sébastien Bardin, Robin David, J. Marion
{"title":"Backward-Bounded DSE: Targeting Infeasibility Questions on Obfuscated Codes","authors":"Sébastien Bardin, Robin David, J. Marion","doi":"10.1109/SP.2017.36","DOIUrl":"https://doi.org/10.1109/SP.2017.36","url":null,"abstract":"Software deobfuscation is a crucial activity in security analysis and especially in malware analysis. While standard static and dynamic approaches suffer from well-known shortcomings, Dynamic Symbolic Execution (DSE) has recently been proposed as an interesting alternative, more robust than staticanalysis and more complete than dynamic analysis. Yet, DSE addresses only certain kinds of questions encountered by a reverser, namely feasibility questions. Many issues arising during reverse, e.g., detecting protection schemes such as opaque predicates, fall into the category of infeasibility questions. We present Backward-Bounded DSE, a generic, precise, efficient and robust method for solving infeasibility questions. We demonstrate the benefit of the method for opaque predicates and call stack tampering, and give some insight for its usage for some other protection schemes. Especially, the technique has successfully been used on state-of-the-art packers as well as on the government-grade X-Tunnel malware – allowing its entire deobfuscation. Backward-Bounded DSE does not supersede existing DSE approaches, but rather complements them by addressing infeasibility questions in a scalable and precise manner. Following this line, we proposesparse disassembly, a combination of Backward-Bounded DSE and static disassembly able to enlarge dynamic disassembly in a guaranteed way, hence getting the best of dynamic and static disassembly. This work paves the way for robust, efficient and precise disassembly tools for heavily-obfuscated binaries.","PeriodicalId":6502,"journal":{"name":"2017 IEEE Symposium on Security and Privacy (SP)","volume":"17 1","pages":"633-651"},"PeriodicalIF":0.0,"publicationDate":"2017-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74800554","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 45
Obstacles to the Adoption of Secure Communication Tools 采用安全通信工具的障碍
2017 IEEE Symposium on Security and Privacy (SP) Pub Date : 2017-05-01 DOI: 10.1109/SP.2017.65
Ruba Abu-Salma, M. Sasse, Joseph Bonneau, A. Danilova, Alena Naiakshina, Matthew Smith
{"title":"Obstacles to the Adoption of Secure Communication Tools","authors":"Ruba Abu-Salma, M. Sasse, Joseph Bonneau, A. Danilova, Alena Naiakshina, Matthew Smith","doi":"10.1109/SP.2017.65","DOIUrl":"https://doi.org/10.1109/SP.2017.65","url":null,"abstract":"The computer security community has advocated widespread adoption of secure communication tools to counter mass surveillance. Several popular personal communication tools (e.g., WhatsApp, iMessage) have adopted end-to-end encryption, and many new tools (e.g., Signal, Telegram) have been launched with security as a key selling point. However it remains unclear if users understand what protection these tools offer, and if they value that protection. In this study, we interviewed 60 participants about their experience with different communication tools and their perceptions of the tools' security properties. We found that the adoption of secure communication tools is hindered by fragmented user bases and incompatible tools. Furthermore, the vast majority of participants did not understand the essential concept of end-to-end encryption, limiting their motivation to adopt secure tools. We identified a number of incorrect mental models that underpinned participants' beliefs.","PeriodicalId":6502,"journal":{"name":"2017 IEEE Symposium on Security and Privacy (SP)","volume":"26 1","pages":"137-153"},"PeriodicalIF":0.0,"publicationDate":"2017-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86955221","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 138
VUDDY: A Scalable Approach for Vulnerable Code Clone Discovery VUDDY:一种可扩展的易受攻击代码克隆发现方法
2017 IEEE Symposium on Security and Privacy (SP) Pub Date : 2017-05-01 DOI: 10.1109/SP.2017.62
Seulbae Kim, Seunghoon Woo, Heejo Lee, Hakjoo Oh
{"title":"VUDDY: A Scalable Approach for Vulnerable Code Clone Discovery","authors":"Seulbae Kim, Seunghoon Woo, Heejo Lee, Hakjoo Oh","doi":"10.1109/SP.2017.62","DOIUrl":"https://doi.org/10.1109/SP.2017.62","url":null,"abstract":"The ecosystem of open source software (OSS) has been growing considerably in size. In addition, code clones - code fragments that are copied and pasted within or between software systems - are also proliferating. Although code cloning may expedite the process of software development, it often critically affects the security of software because vulnerabilities and bugs can easily be propagated through code clones. These vulnerable code clones are increasing in conjunction with the growth of OSS, potentially contaminating many systems. Although researchers have attempted to detect code clones for decades, most of these attempts fail to scale to the size of the ever-growing OSS code base. The lack of scalability prevents software developers from readily managing code clones and associated vulnerabilities. Moreover, most existing clone detection techniques focus overly on merely detecting clones and this impairs their ability to accurately find \"vulnerable\" clones. In this paper, we propose VUDDY, an approach for the scalable detection of vulnerable code clones, which is capable of detecting security vulnerabilities in large software programs efficiently and accurately. Its extreme scalability is achieved by leveraging function-level granularity and a length-filtering technique that reduces the number of signature comparisons. This efficient design enables VUDDY to preprocess a billion lines of code in 14 hour and 17 minutes, after which it requires a few seconds to identify code clones. In addition, we designed a security-aware abstraction technique that renders VUDDY resilient to common modifications in cloned code, while preserving the vulnerable conditions even after the abstraction is applied. This extends the scope of VUDDY to identifying variants of known vulnerabilities, with high accuracy. In this study, we describe its principles and evaluate its efficacy and effectiveness by comparing it with existing mechanisms and presenting the vulnerabilities it detected. VUDDY outperformed four state-of-the-art code clone detection techniques in terms of both scalability and accuracy, and proved its effectiveness by detecting zero-day vulnerabilities in widely used software systems, such as Apache HTTPD and Ubuntu OS Distribution.","PeriodicalId":6502,"journal":{"name":"2017 IEEE Symposium on Security and Privacy (SP)","volume":"33 1","pages":"595-614"},"PeriodicalIF":0.0,"publicationDate":"2017-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76555295","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 240
From Trash to Treasure: Timing-Sensitive Garbage Collection 从垃圾到宝藏:时间敏感的垃圾收集
2017 IEEE Symposium on Security and Privacy (SP) Pub Date : 2017-05-01 DOI: 10.1109/SP.2017.64
M. V. Pedersen, Aslan Askarov
{"title":"From Trash to Treasure: Timing-Sensitive Garbage Collection","authors":"M. V. Pedersen, Aslan Askarov","doi":"10.1109/SP.2017.64","DOIUrl":"https://doi.org/10.1109/SP.2017.64","url":null,"abstract":"This paper studies information flows via timing channels in the presence ofautomatic memory management. We construct a series of example attacks thatillustrate that garbage collectors form a shared resource that can be used toreliably leak sensitive information at a rate of up to 1 byte/sec on a contemporarygeneral-purpose computer. The createdchannel is also observable across a network connection in a datacenter-likesetting. We subsequently present a design of automatic memory management that isprovably resilient against such attacks.","PeriodicalId":6502,"journal":{"name":"2017 IEEE Symposium on Security and Privacy (SP)","volume":"1 1","pages":"693-709"},"PeriodicalIF":0.0,"publicationDate":"2017-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78890659","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
Cloak and Dagger: From Two Permissions to Complete Control of the UI Feedback Loop 斗篷和匕首:从两个权限到完全控制UI反馈循环
2017 IEEE Symposium on Security and Privacy (SP) Pub Date : 2017-05-01 DOI: 10.1109/SP.2017.39
Y. Fratantonio, Chenxiong Qian, S. Chung, Wenke Lee
{"title":"Cloak and Dagger: From Two Permissions to Complete Control of the UI Feedback Loop","authors":"Y. Fratantonio, Chenxiong Qian, S. Chung, Wenke Lee","doi":"10.1109/SP.2017.39","DOIUrl":"https://doi.org/10.1109/SP.2017.39","url":null,"abstract":"The effectiveness of the Android permission system fundamentally hinges on the user's correct understanding of the capabilities of the permissions being granted. In this paper, we show that both the end-users and the security community have significantly underestimated the dangerous capabilities granted by the SYSTEM_ALERT_WINDOW and the BIND_ACCESSIBILITY_SERVICE permissions: while it is known that these are security-sensitive permissions and they have been abused individually (e.g., in UI redressing attacks, accessibility attacks), previous attacks based on these permissions rely on vanishing side-channels to time the appearance of overlay UI, cannot respond properly to user input, or make the attacks literally visible. This work, instead, uncovers several design shortcomings of the Android platform and shows how an app with these two permissions can completely control the UI feedback loop and create devastating attacks. In particular, we demonstrate how such an app can launch a variety of stealthy, powerful attacks, ranging from stealing user's login credentials and security PIN, to the silent installation of a God-mode app with all permissions enabled, leaving the victim completely unsuspecting. To make things even worse, we note that when installing an app targeting a recent Android SDK, the list of its required permissions is not shown to the user and that these attacks can be carried out without needing to lure the user to knowingly enable any permission. In fact, the SYSTEM_ALERT_WINDOW permission is automatically granted for apps installed from the Play Store and our experiment shows that it is practical to lure users to unknowingly grant the BIND_ACCESSIBILITY_SERVICE permission by abusing capabilities from the SYSTEM_ALERT_WINDOW permission. We evaluated the practicality of these attacks by performing a user study: none of the 20 human subjects that took part of the experiment even suspected they had been attacked. We also found that it is straightforward to get a proof-of-concept app requiring both permissions accepted on the official store. We responsibly disclosed our findings to Google. Unfortunately, since these problems are related to design issues, these vulnerabilities are still unaddressed. We conclude the paper by proposing a novel defense mechanism, implemented as an extension to the current Android API, which would protect Android users and developers from the threats we uncovered.","PeriodicalId":6502,"journal":{"name":"2017 IEEE Symposium on Security and Privacy (SP)","volume":"29 1","pages":"1041-1057"},"PeriodicalIF":0.0,"publicationDate":"2017-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79126514","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 102
IVD: Automatic Learning and Enforcement of Authorization Rules in Online Social Networks 在线社交网络中授权规则的自动学习和执行
2017 IEEE Symposium on Security and Privacy (SP) Pub Date : 2017-05-01 DOI: 10.1109/SP.2017.33
P. Marinescu, Chad Parry, Marjori Pomarole, Yuan Tian, P. Tague, I. Papagiannis
{"title":"IVD: Automatic Learning and Enforcement of Authorization Rules in Online Social Networks","authors":"P. Marinescu, Chad Parry, Marjori Pomarole, Yuan Tian, P. Tague, I. Papagiannis","doi":"10.1109/SP.2017.33","DOIUrl":"https://doi.org/10.1109/SP.2017.33","url":null,"abstract":"Authorization bugs, when present in online social networks, are usually caused by missing or incorrect authorization checks and can allow attackers to bypass the online social network's protections. Unfortunately, there is no practical way to fully guarantee that an authorization bug will never be introduced—even with good engineering practices—as a web application and its data model become more complex. Unlike other web application vulnerabilities such as XSS and CSRF, there is no practical general solution to prevent missing or incorrect authorization checks. In this paper we propose Invariant Detector (IVD), a defense-in-depth system that automatically learns authorization rules from normal data manipulation patterns and distills them into likely invariants. These invariants, usually learned during the testing or pre-release stages of new features, are then used to block any requests that may attempt to exploit bugs in the social network's authorization logic. IVD acts as an additional layer of defense, working behind the scenes, complementary to privacy frameworks and testing. We have designed and implemented IVD to handle the unique challenges posed by modern online social networks. IVD is currently running at Facebook, where it infers and evaluates daily more than 200,000 invariants from a sample of roughly 500 million client requests, and checks the resulting invariants every second against millions of writes made to a graph database containing trillions of entities. Thus far IVD has detected several high impact authorization bugs and has successfully blocked attempts to exploit them before code fixes were deployed.","PeriodicalId":6502,"journal":{"name":"2017 IEEE Symposium on Security and Privacy (SP)","volume":"35 1","pages":"1094-1109"},"PeriodicalIF":0.0,"publicationDate":"2017-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79383607","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 11
A Lustrum of Malware Network Communication: Evolution and Insights 恶意软件网络通信概论:演变与洞察
2017 IEEE Symposium on Security and Privacy (SP) Pub Date : 2017-05-01 DOI: 10.1109/SP.2017.59
Chaz Lever, Platon Kotzias, D. Balzarotti, Juan Caballero, M. Antonakakis
{"title":"A Lustrum of Malware Network Communication: Evolution and Insights","authors":"Chaz Lever, Platon Kotzias, D. Balzarotti, Juan Caballero, M. Antonakakis","doi":"10.1109/SP.2017.59","DOIUrl":"https://doi.org/10.1109/SP.2017.59","url":null,"abstract":"Both the operational and academic security communities have used dynamic analysis sandboxes to execute malware samples for roughly a decade. Network information derived from dynamic analysis is frequently used for threat detection, network policy, and incident response. Despite these common and important use cases, the efficacy of the network detection signal derived from such analysis has yet to be studied in depth. This paper seeks to address this gap by analyzing the network communications of 26.8 million samples that were collected over a period of five years. Using several malware and network datasets, our large scale study makes three core contributions. (1) We show that dynamic analysis traces should be carefully curated and provide a rigorous methodology that analysts can use to remove potential noise from such traces. (2) We show that Internet miscreants are increasingly using potentially unwanted programs (PUPs) that rely on a surprisingly stable DNS and IP infrastructure. This indicates that the security community is in need of better protections against such threats, and network policies may provide a solid foundation for such protections. (3) Finally, we see that, for the vast majority of malware samples, network traffic provides the earliest indicator of infection—several weeks and often months before the malware sample is discovered. Therefore, network defenders should rely on automated malware analysis to extract indicators of compromise and not to build early detection systems.","PeriodicalId":6502,"journal":{"name":"2017 IEEE Symposium on Security and Privacy (SP)","volume":"36 1","pages":"788-804"},"PeriodicalIF":0.0,"publicationDate":"2017-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82107824","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 78
Leakage-Abuse Attacks against Order-Revealing Encryption 针对指令披露加密的泄漏滥用攻击
2017 IEEE Symposium on Security and Privacy (SP) Pub Date : 2017-05-01 DOI: 10.1109/SP.2017.44
Paul Grubbs, Kevin Sekniqi, Vincent Bindschaedler, Muhammad Naveed, T. Ristenpart
{"title":"Leakage-Abuse Attacks against Order-Revealing Encryption","authors":"Paul Grubbs, Kevin Sekniqi, Vincent Bindschaedler, Muhammad Naveed, T. Ristenpart","doi":"10.1109/SP.2017.44","DOIUrl":"https://doi.org/10.1109/SP.2017.44","url":null,"abstract":"Order-preserving encryption and its generalization order-revealing encryption (OPE/ORE) allow sorting, performing range queries, and filtering data — all while only having access to ciphertexts. But OPE and ORE ciphertexts necessarily leak information about plaintexts, and what level of security they provide in practice has been unclear. In this work, we introduce new leakage-abuse attacks that recover plaintexts from OPE/ORE-encrypted databases. Underlying our new attacks is a framework in which we cast the adversary's challenge as a non-crossing bipartite matching problem. This allows easy tailoring of attacks to a specific scheme's leakage profile. In a case study of customer records, we show attacks that recover 99% of first names, 97% of last names, and 90% of birthdates held in a database, despite all values being encrypted with the OPE scheme most widely used in practice. We also show the first attack against the recent frequency-hiding Kerschbaum scheme, to which no prior attacks have been demonstrated. Our attack recovers frequently occurring plaintexts most of the time.","PeriodicalId":6502,"journal":{"name":"2017 IEEE Symposium on Security and Privacy (SP)","volume":"23 1","pages":"655-672"},"PeriodicalIF":0.0,"publicationDate":"2017-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73699077","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 168
Side-Channel Attacks on Shared Search Indexes 共享搜索索引的侧信道攻击
2017 IEEE Symposium on Security and Privacy (SP) Pub Date : 2017-05-01 DOI: 10.1109/SP.2017.50
Liang Wang, Paul Grubbs, Jiahui Lu, Vincent Bindschaedler, David Cash, T. Ristenpart
{"title":"Side-Channel Attacks on Shared Search Indexes","authors":"Liang Wang, Paul Grubbs, Jiahui Lu, Vincent Bindschaedler, David Cash, T. Ristenpart","doi":"10.1109/SP.2017.50","DOIUrl":"https://doi.org/10.1109/SP.2017.50","url":null,"abstract":"Full-text search systems, such as Elasticsearch and Apache Solr, enable document retrieval based on keyword queries. In many deployments these systems are multi-tenant, meaning distinct users' documents reside in, and their queries are answered by, one or more shared search indexes. Large deployments may use hundreds of indexes across which user documents are randomly assigned. The results of a search query are filtered to remove documents to which a client should not have access. We show the existence of exploitable side channels in modern multi-tenant search. The starting point for our attacks is a decade-old observation that the TF-IDF scores used to rank search results can potentially leak information about other users' documents. To the best of our knowledge, no attacks have been shown that exploit this side channel in practice, and constructing a working side channel requires overcoming numerous challenges in real deployments. We nevertheless develop a new attack, called STRESS (Search Text RElevance Score Side channel), and in so doing show how an attacker can map out the number of indexes used by a service, obtain placement of a document within each index, and then exploit co-tenancy with all other users to (1) discover the terms in other tenants' documents or (2) determine the number of documents (belonging to other tenants) that contain a term of interest. In controlled experiments, we demonstrate the attacks on popular services such as GitHub and Xen.do. We conclude with a discussion of countermeasures.","PeriodicalId":6502,"journal":{"name":"2017 IEEE Symposium on Security and Privacy (SP)","volume":"99 1","pages":"673-692"},"PeriodicalIF":0.0,"publicationDate":"2017-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"84129692","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 7
Protecting Bare-Metal Embedded Systems with Privilege Overlays 利用特权覆盖保护裸机嵌入式系统
2017 IEEE Symposium on Security and Privacy (SP) Pub Date : 2017-05-01 DOI: 10.1109/SP.2017.37
Abraham A. Clements, N. S. Almakhdhub, Khaled Kamal Saab, Prashast Srivastava, Jinkyu Koo, S. Bagchi, Mathias Payer
{"title":"Protecting Bare-Metal Embedded Systems with Privilege Overlays","authors":"Abraham A. Clements, N. S. Almakhdhub, Khaled Kamal Saab, Prashast Srivastava, Jinkyu Koo, S. Bagchi, Mathias Payer","doi":"10.1109/SP.2017.37","DOIUrl":"https://doi.org/10.1109/SP.2017.37","url":null,"abstract":"Embedded systems are ubiquitous in every aspect ofmodern life. As the Internet of Thing expands, our dependenceon these systems increases. Many of these interconnected systemsare and will be low cost bare-metal systems, executing without anoperating system. Bare-metal systems rarely employ any securityprotection mechanisms and their development assumptions (un-restricted access to all memory and instructions), and constraints(runtime, energy, and memory) makes applying protectionschallenging. To address these challenges we present EPOXY, an LLVM-based embedded compiler. We apply a novel technique, calledprivilege overlaying, wherein operations requiring privilegedexecution are identified and only these operations execute inprivileged mode. This provides the foundation on which code-integrity, adapted control-flow hijacking defenses, and protections for sensitive IO are applied. We also design fine-grainedrandomization schemes, that work within the constraints of bare-metal systems to provide further protection against control-flowand data corruption attacks. These defenses prevent code injection attacks and ROP attacksfrom scaling across large sets of devices. We evaluate theperformance of our combined defense mechanisms for a suite of75 benchmarks and 3 real-world IoT applications. Our results forthe application case studies show that EPOXY has, on average, a 1.8% increase in execution time and a 0.5% increase in energy usage.","PeriodicalId":6502,"journal":{"name":"2017 IEEE Symposium on Security and Privacy (SP)","volume":"17 1","pages":"289-303"},"PeriodicalIF":0.0,"publicationDate":"2017-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87864171","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 86
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信