Intrusion-Resilient Middleware Design and Validation
暂无分享,去创建一个
Miguel Correia | Paulo Veríssimo | Nuno Neves | Paulo Sousa | P. Veríssimo | N. Neves | M. Correia | Paulo Sousa
[1] John Johansen,et al. PointGuard™: Protecting Pointers from Buffer Overflow Vulnerabilities , 2003, USENIX Security Symposium.
[2] Paulo Veríssimo,et al. Intrusion-tolerant middleware: the road to automatic security , 2006, IEEE Security & Privacy.
[3] Tomas Olovsson,et al. Data Collection for Security Fault Forecasting - Pilot Experiment , 1993 .
[4] Eugene H. Spafford,et al. The COPS Security Checker System , 1990, USENIX Summer.
[5] L. Spitzner,et al. Honeypots: Tracking Hackers , 2002 .
[6] Crispan Cowan,et al. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks , 1998, USENIX Security Symposium.
[7] Miguel Correia,et al. Using Attack Injection to Discover New Vulnerabilities , 2006, International Conference on Dependable Systems and Networks (DSN'06).
[8] Michel Cukier,et al. An experimental evaluation to determine if port scans are precursors to an attack , 2005, 2005 International Conference on Dependable Systems and Networks (DSN'05).
[9] Paulo Veríssimo,et al. How resilient are distributed f fault/intrusion-tolerant systems? , 2005, 2005 International Conference on Dependable Systems and Networks (DSN'05).
[10] Van-Hau Pham,et al. Understanding threats: a prerequisite to enhance survivability of computing systems , 2008, Int. J. Crit. Infrastructures.
[11] Paulo Veríssimo,et al. Hidden problems of asynchronous proactive recovery , 2007 .
[12] David Powell,et al. Failure mode assumptions and assumption coverage , 1992, [1992] Digest of Papers. FTCS-22: The Twenty-Second International Symposium on Fault-Tolerant Computing.
[13] Miguel Correia,et al. Randomized Intrusion-Tolerant Asynchronous Services , 2006, International Conference on Dependable Systems and Networks (DSN'06).
[14] Paulo Veríssimo. Thou Shalt Not Trust non-Trustworthy Systems , 2006, 26th IEEE International Conference on Distributed Computing Systems Workshops (ICDCSW'06).
[15] Steven M. Bellovin,et al. There Be Dragons , 1992, USENIX Summer.
[16] Miguel Correia,et al. Evaluating Byzantine Quorum Systems , 2007, 2007 26th IEEE International Symposium on Reliable Distributed Systems (SRDS 2007).
[17] Radu Rugina,et al. Memory Leak Analysis by Contradiction , 2006, SAS.
[18] Marko Vukolic,et al. Refined quorum systems , 2007, PODC '07.
[19] Miguel Correia,et al. Worm-IT - A wormhole-based intrusion-tolerant group communication system , 2007, J. Syst. Softw..
[20] Thomas A. Henzinger,et al. Checking Memory Safety with Blast , 2005, FASE.
[21] Daniel P. Siewiorek,et al. Reliable computer systems (2nd ed.): design and evaluation , 1992 .
[22] Jean-Philippe Martin,et al. A framework for dynamic Byzantine storage , 2004, International Conference on Dependable Systems and Networks, 2004.
[23] Carl E. Landwehr,et al. Basic concepts and taxonomy of dependable and secure computing , 2004, IEEE Transactions on Dependable and Secure Computing.
[24] Marc Dacier,et al. Lessons learned from the deployment of a high-interaction honeypot , 2006, 2006 Sixth European Dependable Computing Conference.
[25] Michael K. Reiter,et al. Secure and scalable replication in Phalanx , 1998, Proceedings Seventeenth IEEE Symposium on Reliable Distributed Systems (Cat. No.98CB36281).
[26] David A. Wagner,et al. A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities , 2000, NDSS.
[27] Fred B. Schneider,et al. Implementing fault-tolerant services using the state machine approach: a tutorial , 1990, CSUR.
[28] David Evans,et al. Statically Detecting Likely Buffer Overflow Vulnerabilities , 2001, USENIX Security Symposium.
[29] Rodrigo Rodrigues,et al. Tolerating Byzantine Faulty Clients in a Quorum System , 2006, 26th IEEE International Conference on Distributed Computing Systems (ICDCS'06).
[30] Robert Meyer,et al. Assessing the Attack Threat due to IRC Channels , 2006, International Conference on Dependable Systems and Networks (DSN'06).
[31] Fabien Pouget. White paper: honeypot, honeynet, honeytoken: terminological issues , 2003 .
[32] David H. Ackley,et al. Randomized instruction set emulation to disrupt binary code injection attacks , 2003, CCS '03.
[33] Fred B. Schneider,et al. CODEX: a robust and secure secret distribution system , 2004, IEEE Transactions on Dependable and Secure Computing.
[34] Miguel Correia,et al. Intrusion-Tolerant Architectures: Concepts and Design , 2002, WADS.
[35] William H. Sanders,et al. The Möbius Framework and Its Implementation , 2002, IEEE Trans. Software Eng..
[36] C. Stoll. The Cuckoo's Egg : Tracking a Spy Through the Maze of Computer Espionage , 1990 .
[37] Miguel Correia,et al. Efficient Byzantine-resilient reliable multicast on a hybrid failure model , 2002, 21st IEEE Symposium on Reliable Distributed Systems, 2002. Proceedings..
[38] Hugo Krawczyk,et al. Proactive Secret Sharing Or: How to Cope With Perpetual Leakage , 1995, CRYPTO.
[39] Alexander Aiken,et al. Flow-sensitive type qualifiers , 2002, PLDI '02.
[40] Peter Oehlert,et al. Violating Assumptions with Fuzzing , 2005, IEEE Secur. Priv..
[41] Algirdas Avizienis,et al. A fault tolerance approach to computer viruses , 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.
[42] Michael Dahlin,et al. Minimal Byzantine Storage , 2002, DISC.
[43] Marc Dacier,et al. Honeypots: practical means to validate malicious fault assumptions , 2004, 10th IEEE Pacific Rim International Symposium on Dependable Computing, 2004. Proceedings..
[44] Ravishankar K. Iyer,et al. Transparent runtime randomization for security , 2003, 22nd International Symposium on Reliable Distributed Systems, 2003. Proceedings..
[45] Avishai Wool,et al. The load and availability of Byzantine quorum systems , 1997, PODC '97.
[46] Stefano Tessaro,et al. Optimal Resilience for Erasure-Coded Byzantine Distributed Storage , 2005, International Conference on Dependable Systems and Networks (DSN'06).
[47] Michael K. Reiter,et al. Secure agreement protocols: reliable and atomic group multicast in rampart , 1994, CCS '94.
[48] Miguel Castro,et al. Using abstraction to improve fault tolerance , 2001, Proceedings Eighth Workshop on Hot Topics in Operating Systems.
[49] Miguel Castro,et al. BASE: using abstraction to improve fault tolerance , 2001, SOSP.
[50] H. Venkateswaran,et al. Responsive Security for Stored Data , 2003, IEEE Trans. Parallel Distributed Syst..
[51] Robbert van Renesse,et al. COCA: a secure distributed online certification authority , 2002, Foundations of Intrusion Tolerant Systems, 2003 [Organically Assured and Survivable Information Systems].
[52] Liuba Shrira,et al. HQ replication: a hybrid quorum protocol for byzantine fault tolerance , 2006, OSDI '06.
[53] Paulo Veríssimo,et al. On the Resilience of Intrusion-Tolerant Distributed Systems , 2006 .
[54] Adi Shamir,et al. How to share a secret , 1979, CACM.
[55] Michael K. Reiter,et al. Byzantine quorum systems , 1997, STOC '97.
[56] Miguel Castro,et al. Practical byzantine fault tolerance and proactive recovery , 2002, TOCS.
[57] Liming Chen,et al. N-VERSION PROGRAMMINC: A FAULT-TOLERANCE APPROACH TO RELlABlLlTY OF SOFTWARE OPERATlON , 1995, Twenty-Fifth International Symposium on Fault-Tolerant Computing, 1995, ' Highlights from Twenty-Five Years'..
[58] Nuno Ferreira Neves,et al. Robustness Testing of the Windows DDK , 2007, 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN'07).
[59] Daniel P. Siewiorek,et al. Reliable Computer Systems: Design and Evaluation, Third Edition , 1998 .
[60] Robbert van Renesse,et al. APSS: proactive secret sharing in asynchronous systems , 2005, TSEC.
[61] G. R. Blakley,et al. Safeguarding cryptographic keys , 1899, 1979 International Workshop on Managing Requirements Knowledge (MARK).
[62] Michael O. Rabin,et al. Efficient dispersal of information for security, load balancing, and fault tolerance , 1989, JACM.
[63] Clifford Stoll,et al. Stalking the wily hacker , 1988, CACM.
[64] David Powell,et al. A fault- and intrusion- tolerant file system , 1985 .
[65] Miguel Correia,et al. How to tolerate half less one Byzantine nodes in practical distributed systems , 2004, Proceedings of the 23rd IEEE International Symposium on Reliable Distributed Systems, 2004..
[66] Nancy A. Lynch,et al. Impossibility of distributed consensus with one faulty process , 1983, PODS '83.
[67] John Lane,et al. Customizable Fault Tolerance forWide-Area Replication , 2007, 2007 26th IEEE International Symposium on Reliable Distributed Systems (SRDS 2007).
[68] Paulo Veríssimo,et al. Proactive resilience through architectural hybridization , 2006, SAC.
[69] Yves Deswarte,et al. An intrusion tolerant architecture for dynamic content internet servers , 2003, SSRS '03.
[70] Arun Venkataramani,et al. Separating agreement from execution for byzantine fault tolerant services , 2003, SOSP '03.
[71] Philip Koopman,et al. The Exception Handling Effectiveness of POSIX Operating Systems , 2000, IEEE Trans. Software Eng..
[72] Randall J. Atkinson,et al. Security Architecture for the Internet Protocol , 1995, RFC.
[73] HariGovind V. Ramasamy,et al. Parsimonious Asynchronous Byzantine-Fault-Tolerant Atomic Broadcast , 2005, OPODIS.
[74] Leslie Lamport,et al. The Byzantine Generals Problem , 1982, TOPL.
[75] Robin Berthier,et al. Profiling Attacker Behavior Following SSH Compromises , 2007, 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN'07).
[76] Miguel Correia,et al. Low complexity Byzantine-resilient consensus , 2005, Distributed Computing.
[77] Dhiraj K. Pradhan,et al. Consensus With Dual Failure Modes , 1991, IEEE Trans. Parallel Distributed Syst..
[78] Gary McGraw,et al. ITS4: a static vulnerability scanner for C and C++ code , 2000, Proceedings 16th Annual Computer Security Applications Conference (ACSAC'00).
[79] Paulo Veríssimo,et al. Resilient state machine replication , 2005, 11th Pacific Rim International Symposium on Dependable Computing (PRDC'05).
[80] Jean-Philippe Martin,et al. Fast Byzantine Consensus , 2006, IEEE Transactions on Dependable and Secure Computing.
[81] Robert S. Swarz,et al. Reliable Computer Systems: Design and Evaluation , 1992 .
[82] Stefano Tessaro,et al. Asynchronous verifiable information dispersal , 2005, 24th IEEE Symposium on Reliable Distributed Systems (SRDS'05).
[83] Paulo Veríssimo,et al. Travelling through wormholes: a new look at distributed systems models , 2006, SIGA.
[84] Gary McGraw,et al. Static Analysis for Security , 2004, IEEE Secur. Priv..
[85] Miguel Correia,et al. How Practical Are Intrusion-Tolerant Distributed Systems? , 2006 .
[86] Miguel Correia,et al. Decoupled Quorum-Based Byzantine-Resilient Coordination in Open Distributed Systems , 2006, Sixth IEEE International Symposium on Network Computing and Applications (NCA 2007).
[87] Nancy A. Lynch,et al. Consensus in the presence of partial synchrony , 1988, JACM.
[88] Markus Jakobsson,et al. Proactive public key and signature systems , 1997, CCS '97.
[89] Hugo Krawczyk,et al. A Security Architecture for the Internet Protocol , 1999, IBM Syst. J..
[90] Fabien Pouget. White paper: honeypot, honeynet: a comparative survey , 2003 .
[91] B. Cheswick. An Evening with Berferd In Which a Cracker is Lured, Endured, and Studied , 1997 .
[92] David H. Ackley,et al. Building diverse computer systems , 1997, Proceedings. The Sixth Workshop on Hot Topics in Operating Systems (Cat. No.97TB100133).
[93] William H. Sanders,et al. Dependability and Performance Evaluation of Intrusion-Tolerant Server Architectures , 2003, LADC.
[94] Miguel Correia,et al. From Consensus to Atomic Broadcast: Time-Free Byzantine-Resistant Protocols without Signatures , 2006, Comput. J..
[95] Brian Randell,et al. System structure for software fault tolerance , 1975, IEEE Transactions on Software Engineering.
[96] Jonathan Kirsch,et al. Scaling Byzantine Fault-Tolerant Replication toWide Area Networks , 2006, International Conference on Dependable Systems and Networks (DSN'06).
[97] Daniel C. DuVarney,et al. Efficient Techniques for Comprehensive Protection from Memory Error Exploits , 2005, USENIX Security Symposium.
[98] Dawn Song,et al. Mitigating buffer overflows by operating system randomization , 2002 .
[99] Rafail Ostrovsky,et al. How to withstand mobile virus attacks (extended abstract) , 1991, PODC '91.
[100] Bev Littlewood,et al. Redundancy and Diversity in Security , 2004, ESORICS.
[101] Barton P. Miller,et al. An empirical study of the reliability of UNIX utilities , 1990, Commun. ACM.
[102] Charles P. Shelton,et al. Robustness testing of the Microsoft Win32 API , 2000, Proceeding International Conference on Dependable Systems and Networks. DSN 2000.
[103] Brian Chess,et al. Improving computer security using extended static checking , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.
[104] Gabriel Bracha,et al. An asynchronous [(n - 1)/3]-resilient consensus protocol , 1984, PODC '84.
[105] Fred B. Schneider,et al. Independence from obfuscation: a semantic framework for diversity , 2006, 19th IEEE Computer Security Foundations Workshop (CSFW'06).
[106] Leslie Lamport,et al. The part-time parliament , 1998, TOCS.
[107] Jean Arlat,et al. Dependability of COTS Microkernel-Based Systems , 2002, IEEE Trans. Computers.
[108] Nuno Ferreira Neves,et al. Fuzzing Wi-Fi Drivers to Locate Security Vulnerabilities , 2007, 2008 Seventh European Dependable Computing Conference.
[109] Matt Bishop,et al. Testing C Programs for Buffer Overflow Vulnerabilities , 2003, NDSS.
[110] Michael K. Reiter,et al. Efficient Byzantine-tolerant erasure-coded storage , 2004, International Conference on Dependable Systems and Networks, 2004.
[111] Michael K. Reiter,et al. An Architecture for Survivable Coordination in Large Distributed Systems , 2000, IEEE Trans. Knowl. Data Eng..
[112] Piotr Zieliński,et al. Paxos at war , 2004 .
[113] Henrique Madeira,et al. Characterization of operating systems behavior in the presence of faulty drivers through software fault emulation , 2002, 2002 Pacific Rim International Symposium on Dependable Computing, 2002. Proceedings..
[114] Daniel C. DuVarney,et al. Address Obfuscation: An Efficient Approach to Combat a Broad Range of Memory Error Exploits , 2003, USENIX Security Symposium.
[115] Sam Toueg,et al. Unreliable failure detectors for reliable distributed systems , 1996, JACM.
[116] Anna Lysyanskaya,et al. Asynchronous verifiable secret sharing and proactive cryptosystems , 2002, CCS '02.
[117] Daniel P. Siewiorek,et al. Robustness testing and hardening of CORBA ORB implementations , 2001, 2001 International Conference on Dependable Systems and Networks.
[118] Matt Bishop,et al. Checking for Race Conditions in File Accesses , 1996, Comput. Syst..
[119] Michael K. Reiter,et al. The Rampart Toolkit for Building High-Integrity Services , 1994, Dagstuhl Seminar on Distributed Systems.
[120] Moti Yung,et al. Optimal-resilience proactive public-key cryptosystems , 1997, Proceedings 38th Annual Symposium on Foundations of Computer Science.
[121] Marc Dacier,et al. Empirical analysis and statistical modeling of attack processes based on honeypots , 2007, ArXiv.
[122] Tal Rabin,et al. Secure distributed storage and retrieval , 1997, Theor. Comput. Sci..
[123] Jean Arlat,et al. Dependability of CORBA systems: service characterization by fault injection , 2002, 21st IEEE Symposium on Reliable Distributed Systems, 2002. Proceedings..
[124] William H. Sanders,et al. Proactive Resilience Revisited: The Delicate Balance Between Resisting Intrusions and Remaining Available , 2006, 2006 25th IEEE Symposium on Reliable Distributed Systems (SRDS'06).
[125] Angelos D. Keromytis,et al. Countering code-injection attacks with instruction-set randomization , 2003, CCS '03.
[126] Miguel Correia,et al. The CRUTIAL reference critical information infrastructure architecture: a blueprint , 2008, Int. J. Syst. Syst. Eng..
[127] Jean Arlat,et al. Characterization of the impact of faulty drivers on the robustness of the Linux kernel , 2004, International Conference on Dependable Systems and Networks, 2004.
[128] Tomas Olovsson,et al. A Quantitative Model of the Security Intrusion Process Based on Attacker Behavior , 1997, IEEE Trans. Software Eng..
[129] David K. Gifford,et al. Weighted voting for replicated data , 1979, SOSP '79.
[130] Franklin Webber,et al. The DPASA Survivable JBI — A High-Water Mark in Intrusion-Tolerant Systems , 2007 .
[131] Paulo Veríssimo. Uncertainty and predictability: can they be reconciled? , 2003 .
[132] Miguel Correia,et al. Resilient Intrusion Tolerance through Proactive and Reactive Recovery , 2007, 13th Pacific Rim International Symposium on Dependable Computing (PRDC 2007).
[133] Sadie Creese,et al. Conceptual Model and Architecture of MAFTIA , 2003 .
[134] Yves Deswarte,et al. Intrusion tolerance in distributed computing systems , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.
[135] Tomas Olovsson,et al. Towards operational measures of computer security: Experimentation and modelling , 1995 .
[136] William H. Sanders,et al. Model-based validation of an intrusion-tolerant information system , 2004, Proceedings of the 23rd IEEE International Symposium on Reliable Distributed Systems, 2004..
[137] Hugo Krawczyk. Distributed fingerprints and secure information dispersal , 1993, PODC '93.