发布求助
文献互助 智能选刊 最新文献

Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security最新文献

筛选
英文 中文
Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX. 黑暗土地上的漏锅:理解SGX的记忆侧通道危险。
Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security Pub Date : 2017-10-01 DOI: 10.1145/3133956.3134038
Wenhao Wang, Guoxing Chen, Xiaorui Pan, Yinqian Zhang, XiaoFeng Wang, Vincent Bindschaedler, Haixu Tang, Carl A Gunter
{"title":"Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX.","authors":"Wenhao Wang,&nbsp;Guoxing Chen,&nbsp;Xiaorui Pan,&nbsp;Yinqian Zhang,&nbsp;XiaoFeng Wang,&nbsp;Vincent Bindschaedler,&nbsp;Haixu Tang,&nbsp;Carl A Gunter","doi":"10.1145/3133956.3134038","DOIUrl":"https://doi.org/10.1145/3133956.3134038","url":null,"abstract":"<p><p>Side-channel risks of Intel's SGX have recently attracted great attention. Under the spotlight is the newly discovered page-fault attack, in which an OS-level adversary induces page faults to observe the page-level access patterns of a protected process running in an SGX enclave. With almost all proposed defense focusing on this attack, little is known about whether such efforts indeed raises the bar for the adversary, whether a simple variation of the attack renders all protection ineffective, not to mention an in-depth understanding of other attack surfaces in the SGX system. In the paper, we report the first step toward systematic analyses of side-channel threats that SGX faces, focusing on the risks associated with its memory management. Our research identifies 8 potential attack vectors, ranging from TLB to DRAM modules. More importantly, we highlight the common misunderstandings about SGX memory side channels, demonstrating that high frequent AEXs can be avoided when recovering EdDSA secret key through a new page channel and fine-grained monitoring of enclave programs (at the level of 64B) can be done through combining both cache and cross-enclave DRAM channels. Our findings reveal the gap between the ongoing security research on SGX and its side-channel weaknesses, redefine the side-channel threat model for secure enclaves, and can provoke a discussion on when to use such a system and how to use it securely.</p>","PeriodicalId":72687,"journal":{"name":"Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security","volume":"2017 ","pages":"2421-2434"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1145/3133956.3134038","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"37041209","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 308
15th Workshop on Privacy in the Electronic Society (WPES 2016) 第十五届电子社会私隐工作坊(WPES 2016)
Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security Pub Date : 2016-10-24 DOI: 10.1145/2976749.2990491
S. Vimercati
{"title":"15th Workshop on Privacy in the Electronic Society (WPES 2016)","authors":"S. Vimercati","doi":"10.1145/2976749.2990491","DOIUrl":"https://doi.org/10.1145/2976749.2990491","url":null,"abstract":"The advancements in the Information and Communication Technologies (ICTs) have introduced new computing paradigms (e.g., cloud computing, pervasive and ubiquitous computing, ambient intelligence and aware-computing) where the techniques for processing, storing, communicating, sharing, and disseminating information have radically changed. These novel computing paradigms bring enormous benefits: the availability of a universal access to data; the reduction in power, storage, hardware, and software costs; and the availability of elastic storage and computation services. While these advantages are appealing, as a side effect there is a tremendous risk of exposure of confidential or sensitive information to privacy breaches. WPES is a yearly forum, this year at its 15th edition, aiming at discussing the open privacy challenges, emerging directions, and original novel approaches for guaranteeing privacy in today's global interconnected society.","PeriodicalId":72687,"journal":{"name":"Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security","volume":"423 1","pages":"1879-1880"},"PeriodicalIF":0.0,"publicationDate":"2016-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78174983","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Le rythme et la voix, premiers défis d’un traducteur de Claude Simon 节奏和声音,克劳德·西蒙翻译的第一个挑战
Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security Pub Date : 2015-04-30 DOI: 10.4000/CCS.940
K. Holter
{"title":"Le rythme et la voix, premiers défis d’un traducteur de Claude Simon","authors":"K. Holter","doi":"10.4000/CCS.940","DOIUrl":"https://doi.org/10.4000/CCS.940","url":null,"abstract":"Pour tout lecteur il y a des rencontres textuelles plus decisives que d’autres. A plus forte raison pour un etudiant ou doctorant, puisque cela peut determiner la direction de sa vie professionnelle. Cela a ete mon cas, a ma premiere lecture de la premiere phrase de La Route des Flandres : Il tenait une lettre a la main, il leva les yeux me regarda puis de nouveau la lettre puis de nouveau moi, derriere lui je pouvais voir aller et venir passer les taches rouges acajou ocre des chevaux qu’on ...","PeriodicalId":72687,"journal":{"name":"Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security","volume":"12 1","pages":"21-30"},"PeriodicalIF":0.0,"publicationDate":"2015-04-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89387102","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Simon au pays des soviets. Notes sur la réception de l’œuvre simonienne en Russie 西蒙在苏联国家。关于在俄罗斯接受西蒙尼作品的说明
Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security Pub Date : 2014-05-31 DOI: 10.4000/CCS.911
Alexey Vishnyakov
{"title":"Simon au pays des soviets. Notes sur la réception de l’œuvre simonienne en Russie","authors":"Alexey Vishnyakov","doi":"10.4000/CCS.911","DOIUrl":"https://doi.org/10.4000/CCS.911","url":null,"abstract":"Quel ecrivain pourrait ignorer un pays avec un heritage litteraire si brillant (Gogol, Tourgueniev, Tolstoi et Dostoievski)et qui ne peut etre nomme autrement que monumental ? Et puis – comment ne pas s’interesser a ce meme pays devenu un polygone pour la doctrine (l’utopie ?) marxiste […],le pays ou sont apparues des personnalites aussi monumentales(dans le mal comme dans le bien) que Lenine, Trotski ou Staline ? La Russie occupe dans l’ethnographie imaginaire de Simon l’une des premieres pl...","PeriodicalId":72687,"journal":{"name":"Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security","volume":"74 1","pages":"145-168"},"PeriodicalIF":0.0,"publicationDate":"2014-05-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"91396130","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Nonlinear Phenomena and Resonant Parametric Perturbation Control in QR-ZCS Buck DC-DC Converters QR-ZCS降压型DC-DC变换器的非线性现象及共振参数摄动控制
Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security Pub Date : 2013-01-01 DOI: 10.1007/978-3-642-33914-1_13
Fei-Hu Hsieh, Fengxia Liu, Hui-Chang Hsieh
{"title":"Nonlinear Phenomena and Resonant Parametric Perturbation Control in QR-ZCS Buck DC-DC Converters","authors":"Fei-Hu Hsieh, Fengxia Liu, Hui-Chang Hsieh","doi":"10.1007/978-3-642-33914-1_13","DOIUrl":"https://doi.org/10.1007/978-3-642-33914-1_13","url":null,"abstract":"","PeriodicalId":72687,"journal":{"name":"Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security","volume":"3 1","pages":"105-109"},"PeriodicalIF":0.0,"publicationDate":"2013-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89368682","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Optical Spectrum Analysis of Chaotic Synchronization in a Bidirectional Coupled Semiconductor Laser System 双向耦合半导体激光系统混沌同步的光谱分析
Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security Pub Date : 2013-01-01 DOI: 10.1007/978-3-642-33914-1_60
I. Andrei, G. Popescu, C. Ticoș, M. Pascu
{"title":"Optical Spectrum Analysis of Chaotic Synchronization in a Bidirectional Coupled Semiconductor Laser System","authors":"I. Andrei, G. Popescu, C. Ticoș, M. Pascu","doi":"10.1007/978-3-642-33914-1_60","DOIUrl":"https://doi.org/10.1007/978-3-642-33914-1_60","url":null,"abstract":"","PeriodicalId":72687,"journal":{"name":"Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security","volume":"74 1","pages":"425-429"},"PeriodicalIF":0.0,"publicationDate":"2013-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"91396123","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Crouching tiger - hidden payload: security risks of scalable vectors graphics 卧虎藏虎——隐藏载荷:可伸缩矢量图形的安全风险
Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security Pub Date : 2011-10-17 DOI: 10.1145/2046707.2046735
M. Heiderich, Tilman Frosch, Meiko Jensen, Thorsten Holz
{"title":"Crouching tiger - hidden payload: security risks of scalable vectors graphics","authors":"M. Heiderich, Tilman Frosch, Meiko Jensen, Thorsten Holz","doi":"10.1145/2046707.2046735","DOIUrl":"https://doi.org/10.1145/2046707.2046735","url":null,"abstract":"Scalable Vector Graphics (SVG) images so far played a rather small role on the Internet, mainly due to the lack of proper browser support. Recently, things have changed: the W3C and WHATWG draft specifications for HTML5 require modern web browsers to support SVG images to be embedded in a multitude of ways. Now SVG images can be embedded through the classical method via specific tags such as or , or in novel ways, such as with tags, CSS or inline in any HTML5 document. SVG files are generally considered to be plain images or animations, and security-wise, they are being treated as such (e.g., when an embedment of local or remote SVG images into websites or uploading these files into rich web applications takes place). Unfortunately, this procedure poses great risks for the web applications and the users utilizing them, as it has been proven that SVG files must be considered fully functional, one-file web applications potentially containing HTML, JavaScript, Flash, and other interactive code structures. We found that even more severe problems have resulted from the often improper handling of complex and maliciously prepared SVG files by the browsers.\u0000 In this paper, we introduce several novel attack techniques targeted at major websites, as well as modern browsers, email clients and other comparable tools. In particular, we illustrate that SVG images embedded via tag and CSS can execute arbitrary JavaScript code. We examine and present how current filtering techniques are circumventable by using SVG files and subsequently propose an approach to mitigate these risks. The paper showcases our research into the usage of SVG images as attack tools, and determines its impact on state-of-the-art web browsers such as Firefox 4, Internet Explorer 9, and Opera 11.","PeriodicalId":72687,"journal":{"name":"Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security","volume":"88 1","pages":"239-250"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74882847","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 21
PaperSpeckle: microscopic fingerprinting of paper 纸斑:纸张的显微指纹
Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security Pub Date : 2011-10-17 DOI: 10.1145/2046707.2046721
Ashlesh Sharma, L. Subramanian, E. Brewer
{"title":"PaperSpeckle: microscopic fingerprinting of paper","authors":"Ashlesh Sharma, L. Subramanian, E. Brewer","doi":"10.1145/2046707.2046721","DOIUrl":"https://doi.org/10.1145/2046707.2046721","url":null,"abstract":"Paper forgery is among the leading causes of corruption in many developing regions. In this paper, we introduce PaperSpeckle, a robust system that leverages the natural randomness property present in paper to generate a fingerprint for any piece of paper. Our goal in developing PaperSpeckle is to build a low-cost paper based authentication mechanism for applications in rural regions such as microfinance, healthcare, land ownership records, supply chain services and education which heavily rely on paper based records. Unlike prior paper fingerprinting techniques that have extracted fingerprints based on the fiber structure of paper, PaperSpeckle uses the texture speckle pattern, a random bright/dark region formation at the microscopic level when light falls on to the paper, to extract a unique fingerprint to identify paper. In PaperSpeckle, we show how to extract a \"repeatable\" texture speckle pattern of a microscopic region of a paper using low-cost machinery involving paper, pen and a cheap microscope. Using extensive testing on different types of paper, we show that PaperSpeckle can produce a robust repeatable fingerprint even if paper is damaged due to crumpling, printing or scribbling, soaking in water or aging with time.","PeriodicalId":72687,"journal":{"name":"Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security","volume":"106 1","pages":"99-110"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"75297430","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 55
Poster: shaping network topology for privacy and performance 海报:塑造网络拓扑的隐私和性能
Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security Pub Date : 2011-10-17 DOI: 10.1145/2046707.2093500
Nayantara Mallesh, M. Wright
{"title":"Poster: shaping network topology for privacy and performance","authors":"Nayantara Mallesh, M. Wright","doi":"10.1145/2046707.2093500","DOIUrl":"https://doi.org/10.1145/2046707.2093500","url":null,"abstract":"While it is important to design anonymity systems to be robust against attacks, it is also important to provide good performance to users. We explore ways to improve the security and performance of anonymity systems by building both security and performance properties into the network topology. In particular, we study an expander graph based network topology and apply link-based performance metrics in order to build the topology graph. Such a network can be constructed to have enhanced performance and similar security properties to restricted route topologies with random links. Results show that a sparse, D-regular expander graph topology provides nearly the same security, as measured by the likelihood of an incoming stream exiting through any node in the network, as with a fully-connected graph. Further, when the expander graph is constructed with a bias towards faster links, there is a considerable gain in performance without much loss of security.","PeriodicalId":72687,"journal":{"name":"Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security","volume":"186 1","pages":"813-816"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73941447","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Automatically optimizing secure computation 自动优化安全计算
Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security Pub Date : 2011-10-17 DOI: 10.1145/2046707.2046786
F. Kerschbaum
{"title":"Automatically optimizing secure computation","authors":"F. Kerschbaum","doi":"10.1145/2046707.2046786","DOIUrl":"https://doi.org/10.1145/2046707.2046786","url":null,"abstract":"On the one hand, compilers for secure computation protocols, such as FairPlay or FairPlayMP, have significantly simplified the development of such protocols. On the other hand, optimized protocols with high performance for special problems demand manual development and security verification. The question considered in this paper is: Can we construct a compiler that produces optimized protocols? We present an optimization technique based on logic inference about what is known from input and output. Using the example of median computation we can show that our program analysis and rewriting technique translates a FairPlay program into an equivalent -- in functionality and security -- program that corresponds to the protocol by Aggarwal et al. Nevertheless our technique is general and can be applied to optimize a wide variety of secure computation protocols.","PeriodicalId":72687,"journal":{"name":"Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security","volume":"90 23","pages":"703-714"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1145/2046707.2046786","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"72375197","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 51
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信