Publications

Bootstrapping and Maintaining Trust in the Cloud (469.63 KB)

Date: December 5, 2016
Published in: Proceedings of the 32nd Annual Computer Security Applications Conference, ACSAC 2016
Type: Conference Paper

Summary

Today's infrastructure as a service (IaaS) cloud environments rely upon full trust in the provider to secure applications and data. In this paper we introduce keylime, a scalable trusted cloud key management system. Keylime provides an end-to-end solution for both bootstrapping hardware rooted cryptographic identities for IaaS nodes and for system integrity monitoring of those nodes via periodic attestation.

Timely Rerandomization for Mitigating Memory Disclosures (215.65 KB)

Date: October 12, 2015
Published in: Proceedings of ACM Conference on Computer and Communications Security (CCS)
Type: Conference Paper

Summary

Address Space Layout Randomization (ASLR) can increase the cost of exploiting memory corruption vulnerabilities. One major weakness of ASLR is that it assumes the secrecy of memory addresses and is thus ineffective in the face of memory disclosure vulnerabilities. In this paper we present an approach that synchronizes randomization with potential runtime disclosure.

On the Challenges of Effective Movement (601.2 KB)

Date: November 3, 2014
Published in: Proceedings of the ACM CCS Moving Target Defense Workshop
Type: Conference Paper

Summary

Moving Target (MT) defenses have been proposed as a game changing approach to rebalance the security landscape in favor of the defender. However, a number of challenges in achieving effective movement lead to weaknesses in MT techniques that can often be used by the attackers to bypass or otherwise nullify the impact of that movement. In this paper, we propose that these challenges can be grouped into three main types: coverage, unpredictability, and timeliness.
