An experimental study of security vulnerabilities caused by errors

Proceedings of the International Conference on Dependable Systems and Networks

Volumn , Issue , 2001, Pages 421-430

  Xu, Jun ^a   Chen, Shuo ^a   Kalbarczyk, Zbigniew ^a   Iyer, Ravishankar K ^a  

^a University of Illinois at Urbana Champaign   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

WEB SERVERS;

ERROR DETECTION; INTERNET; PROBLEM SOLVING; SECURITY SYSTEMS; SERVERS;

COMPUTER ARCHITECTURE;

EID: 0035789487     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/DSN.2001.941426     Document Type: Conference Paper

References (22)

1. Z. Alkhalifa, V. Nair, N. Krishnamurthy, and J. Abraham. Design and Evaluation of System-Level Checks for On-Line Control Flow Error Detection. IEEE Trans. on Parallel and Distributed Systems, 10(6):627-641, June 1999.
2. J. Allen and A. Christie. State of the Practice of Intrusion Detection Technologies. Technical Report CMU/SEI-99-TR-028, Software Engineering Institute, Carnegie Mellon University, Pittsburgh, PA, Jan. 2000.
3. R. Anderson and M. G. Kuhn. Tamper Resistance - a Cautionary Note. In The Second USENIX Workshop on Electronic Commerce Proceedings, pages 1-11, Oakland, CA, Nov. 1996.
4. S. Bagchi. Hierachical Error Detection in a Software Implemented Fault Tolerance (SIFT) Environment. Ph.D. Dissertation, University of Illinois at Urbana-Champaign, Urbana, IL, Jan. 2001.
5. X. Castillo and D. P. Siewiorek. A Workload Dependent Software Reliability Prediction Model. In Proc. of the the 12th Int'l Symp. on Fault-Tolerant Computing, pages 279-286, 1982.
6. M. Dacier, Y. Deswarte, and M. Kaaniche. Models and Tools for Quantitative Assessment of Operational Security. In Proc. of 12th IFIP Information Systems Security Conf. (IFIP/SEC'96), pages 177-186, May 1996.
7. A. Ghosh, T. O'Connor, and G. McGraw. An Automated Approach for Identifying Potential Vulnerabilities in Software. In Proc. IEEE Symp. on Security and Privacy, pages 104-114, Oakland, CA, May 1998.
8. Intel Corporation. Intel Architecture Software Developer's Manual, volume 2, Instruction Set Reference, 1999.
9. R. K. Iyer and D. Rossetti. Effect of System Workload on Operating System Reliability: A Study on IBM 3081. IEEE Trans. on Software Engineering, 11(12):1438-1448, Dec. 1985.
10. M. Kalyanakrishnam, Z. Kalbarczyk, and R. K. Iyer. Failure Data Analysis of a LAN of Windows NT Based Computers. In Proc. of 18th IEEE Symp. on Reliable Distributed Systems, pages 178-187, 1999.
11. O. Kommerling and M. G. Kuhn. Design Principles for Tamper-Resistant Smartcard Processors. In Proc. USENIX Workshop on Smartcard Technology, pages 9-20, Chicago, IL, May 1999.
12. A. Mahmood and E. McCluskey. Concurrent Error Detection Using Watchdog Processors - A Survey. IEEE Trans. on Computers, 37(2):160-174, Feb. 1988.
13. R. Maxion and K. Tan. Benchmarking anomaly-based detection systems. In Proc. Int'l Conf. on Dependable Systems and Networks (DSN 2000), pages 623-630, June 2000.
14. G. Miremadi, J. Karlsson, U. Gunnefl, and J. Torin. Two Software Techniques for On-Line Error Detection. In Proc. Int'l Symp. on Fault-Tolerant Computing (FTCS-22), pages 328-335, July 1992.
15. B. C. Neuman and T. Ts'o. Kerberos: An Authentication Service for Computer Networks. IEEE Communications, 32(9):33-38, Sept. 1994.
16. R. Ortalo, Y. Deswarte, and M. Kaaniche. Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security. IEEE Trans. on Software Engineering, 25(5):633-650, Oct. 1999.
17. J. Postel and J. Reynolds. File Transfer Protocol (FTP). RFC 959, Oct. 1985.
18. R. L. Rivest, A. Shamir, and L. Adleman. A method for obtaining digital signatures and public key cryptosystem. Communications of the ACM, 21(2):120-126, Feb. 1978.
19. D. Stott. Automated Fault-Injection-Based Dependability Analysis of Distributed Computer Systems. Ph.D. Dissertation, University of Illinois at Urbana-Champaign, Urbana, IL, 2001.
20. D. T. Stott, B. Floering, Z. Kalbarczyk, and R. K. Iyer. Dependability Assessment in Distributed Systems with Lightweight Fault Injectors in NFTAPE. In Proc. IEEE Int'l Computer Performance and Dependability Symp., pages 91-100, Mar. 2000.
21. J. Xu, Z. Kalbarczyk, and R. K. Iyer. Networked Windows NT System Field Failure Data Analysis. In Proc. of IEEE Pacific Rim Int'l Symp. on Dependable Computing, pages 178-185, Hong Kong, China, Dec. 1999.
22. T. Ylonen. The SSH (Secure Shell) Remote Login Protocol. Internet-Draft (draft-ylonen-ssh-protocol-00.txt), Nov. 1995.