DESIGN AND EVALUATION OF INFORMATION FLOW SIGNATURE FOR SECURE COMPUTATION OF APPLICATIONS BY PRATEEK PATEL

[1]  Ravishankar K. Iyer,et al.  Software Dependability in the Tandem GUARDIAN System , 1995, IEEE Trans. Software Eng..

[2]  Jun Yang,et al.  Fast secure processor for inhibiting software piracy and tampering , 2003, Proceedings. 36th Annual IEEE/ACM International Symposium on Microarchitecture, 2003. MICRO-36..

[3]  Nathanael Paul,et al.  Where's the FEEB? The Effectiveness of Instruction Set Randomization , 2005, USENIX Security Symposium.

[4]  Hsien-Hsin S. Lee,et al.  High Speed Memory Centric Protection on Software Execution Using One-Time-Pad Prediction , 2004 .

[5]  Michael J. Butler,et al.  The Use of Formal Methods in the Analysis of Trust (Position Paper) , 2004, iTrust.

[6]  Mark Horowitz,et al.  Implementing an untrusted operating system on trusted hardware , 2003, SOSP '03.

[7]  Trevor N. Mudge,et al.  ChipLock: support for secure microarchitectures , 2005, CARN.

[8]  Dawn M. Cappelli,et al.  Insider Threat Study: Computer System Sabotage in Critical Infrastructure Sectors , 2005 .

[9]  Gavin Lowe Casper: a compiler for the analysis of security protocols , 1998 .

[10]  G. Edward Suh,et al.  Caches and hash trees for efficient memory integrity verification , 2003, The Ninth International Symposium on High-Performance Computer Architecture, 2003. HPCA-9 2003. Proceedings..

[11]  Jonathan P. Bowen,et al.  Ten Commandments of Formal Methods , 1995, Computer.

[12]  J. D. Tygar,et al.  Strongbox: A System for Self-Securing Programs , 2004 .

[13]  Tao Zhang,et al.  Attacks and risk analysis for hardware supported software copy protection systems , 2004, DRM '04.

[14]  Xuxian Jiang,et al.  Defeating Dynamic Data Kernel Rootkit Attacks via VMM-Based Guest-Transparent Monitoring , 2009, 2009 International Conference on Availability, Reliability and Security.

[15]  Marten van Dijk,et al.  Efficient memory integrity verification and encryption for secure processors , 2003, Proceedings. 36th Annual IEEE/ACM International Symposium on Microarchitecture, 2003. MICRO-36..

[16]  William A. Arbaugh,et al.  A secure and reliable bootstrap architecture , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[17]  Jean-Didier Legat,et al.  Enhancing security in the memory management unit , 1999, Proceedings 25th EUROMICRO Conference. Informatics: Theory and Practice for the New Millennium.

[18]  Yuanyuan Zhou,et al.  Designing and Implementing Malicious Hardware , 2008, LEET.

[19]  Arati Baliga,et al.  Automatic Inference and Enforcement of Kernel Data Structure Invariants , 2008, 2008 Annual Computer Security Applications Conference (ACSAC).

[20]  David von Oheimb Interacting State Machines: A Stateful Approach to Proving Security , 2002, FASec.

[21]  Aleksandar Milenkovic,et al.  A framework for trusted instruction execution via basic block signature verification , 2004, ACM-SE 42.

[22]  Tao Zhang,et al.  Hardware assisted control flow obfuscation for embedded processors , 2004, CASES '04.

[23]  Tao Zhang,et al.  HIDE: an infrastructure for efficiently protecting information leakage on the address bus , 2004, ASPLOS XI.

[24]  Hsien-Hsin S. Lee,et al.  Architectural support for high speed protection of memory integrity and confidentiality in multiprocessor systems , 2004, Proceedings. 13th International Conference on Parallel Architecture and Compilation Techniques, 2004. PACT 2004..

[25]  Ramarathnam Venkatesan,et al.  Towards integral binary execution: implementing oblivious hashing using overlapped instruction encodings , 2007, MM&Sec.

[26]  Shambhu J. Upadhyaya Real-Time Intrusion Detection with Emphasis on Insider Attacks , 2003, MMM-ACNS.

[27]  Christoforos E. Kozyrakis,et al.  Raksha: a flexible information flow architecture for software security , 2007, ISCA '07.

[28]  Vitaly Shmatikov,et al.  Finite-state analysis of two contract signing protocols , 2002, Theor. Comput. Sci..

[29]  Ravishankar K. Iyer,et al.  An architectural framework for providing reliability and security support , 2004, International Conference on Dependable Systems and Networks, 2004.

[30]  Salim Hariri,et al.  Randomized Instruction Set Emulation To Disrupt Binary Code Injection Attacks , 2003 .

[31]  Timothy J. Slegel,et al.  The IBM eServer z990 microprocessor , 2004, IBM J. Res. Dev..

[32]  Jack W. Davidson,et al.  Security through redundant data diversity , 2008, 2008 IEEE International Conference on Dependable Systems and Networks With FTCS and DCC (DSN).

[33]  Robert Tappan Morris,et al.  USENIX Association Proceedings of HotOS IX : The 9 th Workshop on Hot Topics in Operating Systems , 2003 .

[34]  Mark Horowitz,et al.  Specifying and verifying hardware for tamper-resistant software , 2003, 2003 Symposium on Security and Privacy, 2003..

[35]  Jean-Didier Legat,et al.  Hardware security for software privacy support , 1999 .

[36]  Tal Garfinkel,et al.  Terra: a virtual machine-based platform for trusted computing , 2003, SOSP '03.

[37]  Volkmar Lotz,et al.  A Formal Security Model of the Infineon SLE 88 Smart Card Memory Managment , 2003, ESORICS.

[38]  Ramarathnam Venkatesan,et al.  Oblivious Hashing: A Stealthy Software Integrity Verification Primitive , 2002, Information Hiding.

[39]  Karthik Pattabiraman,et al.  Samurai: protecting critical data in unsafe languages , 2008, Eurosys '08.

[40]  Niels Provos,et al.  Preventing Privilege Escalation , 2003, USENIX Security Symposium.

[41]  Volkmar Lotz,et al.  Generic Interacting State Machines and Their Instantiation with Dynamic Features , 2003, ICFEM.

[42]  Volkmar Lotz,et al.  Formal Security Analysis with Interacting State Machines , 2002, ESORICS.

[43]  Ravishankar K. Iyer,et al.  A data-driven finite state machine model for analyzing security vulnerabilities , 2003, 2003 International Conference on Dependable Systems and Networks, 2003. Proceedings..

[44]  Somesh Jha,et al.  Automated generation and analysis of attack graphs , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.

[45]  Edmund M. Clarke,et al.  Formal Methods: State of the Art and Future Directions Working Group Members , 1996 .

[46]  Sean W. Smith,et al.  Trusting Trusted Hardware: Towards a Formal Model for Programmable Secure Coprocessors , 1998, USENIX Workshop on Electronic Commerce.

[47]  Bennet S. Yee,et al.  Dyad : a system for using physically secure coprocessors , 1991 .

[48]  Daniel C. DuVarney,et al.  SELF: a transparent security extension for ELF binaries , 2003, NSPW '03.

[49]  David Zhang,et al.  Secure program execution via dynamic information flow tracking , 2004, ASPLOS XI.

[50]  Fabian Monrose,et al.  Distributed Execution with Remote Audit , 1999, NDSS.

[51]  David Brumley,et al.  Privtrans: Automatically Partitioning Programs for Privilege Separation , 2004, USENIX Security Symposium.

[52]  David von Oheimb Information Flow Control Revisited: Noninfluence = Noninterference + Nonleakage , 2004, ESORICS.

[53]  Ravishankar K. Iyer,et al.  Formal Reasoning of Various Categories of Widely Exploited Security Vulnerabilities by Pointer Taintedness Semantics , 2004, SEC.

[54]  Dawn M. Cappelli,et al.  Insider Threat Study: Illicit Cyber Activity in the Banking and Finance Sector , 2005 .

[55]  Ravishankar K. Iyer,et al.  Automated Derivation of Application-aware Error Detectors using Static Analysis , 2007, 13th IEEE International On-Line Testing Symposium (IOLTS 2007).

[56]  Susan Older,et al.  Formal Methods for Assuring Security of Protocols , 2002, Comput. J..

[57]  Alok N. Choudhary,et al.  CODESSEAL: Compiler/FPGA Approach to Secure Applications , 2005, ISI.

[58]  Ed Skoudis,et al.  Malware: Fighting Malicious Code , 2003 .

[59]  Elvinia Riccobene,et al.  A Realistic Environment for Crypto-Protocol Analyses by ASMs , 1998, Workshop on Abstract State Machines.

[60]  Farinaz Koushanfar,et al.  Active Hardware Metering for Intellectual Property Protection and Security , 2007, USENIX Security Symposium.

[61]  Tao Zhang,et al.  Anomalous path detection with hardware support , 2005, CASES '05.

[62]  Hsien-Hsin S. Lee,et al.  Towards the issues in architectural support for protection of software execution , 2005, CARN.

[63]  Nasir D. Memon,et al.  SAFE-OPS: An approach to embedded software security , 2005, TECS.

[64]  Alok N. Choudhary,et al.  Flexible software protection using hardware/software codesign techniques , 2004, Proceedings Design, Automation and Test in Europe Conference and Exhibition.

[65]  Elaine Shi,et al.  Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems , 2005, SOSP '05.

[66]  Frank Tip,et al.  A survey of program slicing techniques , 1994, J. Program. Lang..

[67]  Ravishankar K. Iyer,et al.  NFTAPE: a framework for assessing dependability in distributed systems with lightweight fault injectors , 2000, Proceedings IEEE International Computer Performance and Dependability Symposium. IPDS 2000.

[68]  John C. Knight,et al.  A security architecture for survivability mechanisms , 2001 .

[69]  Ravishankar K. Iyer,et al.  An end-to-end approach for the automatic derivation of application-aware error detectors , 2009, 2009 IEEE/IFIP International Conference on Dependable Systems & Networks.

[70]  Dan Boneh,et al.  Architectural Support For Copy And Tamper-Resistant Software PhD Thesis , 2003 .

[71]  Jonathan D. Pincus,et al.  Beyond stack smashing: recent advances in exploiting buffer overruns , 2004, IEEE Security & Privacy Magazine.

[72]  Ruby B. Lee,et al.  Runtime execution monitoring (REM) to detect and prevent malicious code execution , 2004, IEEE International Conference on Computer Design: VLSI in Computers and Processors, 2004. ICCD 2004. Proceedings..

[73]  Stephen T. Kent Protecting externally supplied software in small computers , 1980 .