SCOPUS 정보 검색 플랫폼

IFIP Advances in Information and Communication Technology

Volumn 297, Issue , 2009, Pages 63-75

Discovering application-level insider attacks using symbolic execution

(4) Pattabiraman, Karthik a Nakka, Nithin a Kalbarczyk, Zbigniew a Iyer, Ravishankar a

a UNIVERSITY OF ILLINOIS AT URBANA CHAMPAIGN (United States)

Author keywords

[No Author keywords available]

Indexed keywords

ADDRESS SPACE; ASSEMBLY LANGUAGE; ATTACK GOALS; FORMAL TECHNIQUES; INSIDER ATTACK; PROGRAM CODE; SECURITY-CRITICAL; SYMBOLIC EXECUTION;

MODEL CHECKING;

SECURITY OF DATA;

EID: 84868133952 PISSN: 18684238 EISSN: None Source Type: Book Series
DOI: 10.1007/978-3-642-01244-0_6 Document Type: Conference Paper

Times cited : (9)

References (21)

1
- 32644465248
- ERT Coordination Center/Software Engineering Institute, Philadelphia, PA
- Randazzo, M.R., et al.: Insider Threat Study: Illicit Cyber Activity in the Banking and Finance Sector, p. 25. ERT Coordination Center/Software Engineering Institute, Philadelphia, PA (2004)
- (2004) Insider Threat Study: Illicit Cyber Activity in the Banking and Finance Sector , pp. 25
- Randazzo, M.R.¹

2
- 27844543023
- CERT/CC, Philadelphia, PA
- Keeney, M.M., Kowalski, E.F.: Insider Threat Study: Computer System Sabotage in Critical Infrastructure Sectors. CERT/CC, Philadelphia, PA (2005)
- (2005) Insider Threat Study: Computer System Sabotage in Critical Infrastructure Sectors
- Keeney, M.M.¹ Kowalski, E.F.²

3
- 27544447707
- Towards a Theory of Insider Threat Assessment
- In: IEEE Computer Society, Los Alamitos
- Chinchani, R., et al.: Towards a Theory of Insider Threat Assessment. In: Proceedings of the 2005 International Conference on Dependable Systems and Networks. IEEE Computer Society, Los Alamitos (2005)
- (2005) Proceedings of the 2005 International Conference on Dependable Systems and Networks
- Chinchani, R.¹

4
- 38149049950
- Where Can an Insider Attack?
- In: Dimitrakos, T., Martinelli, F., Ryan, P.Y.A., Schneider, S. (eds.) vol.,. Springer, Heidelberg
- Probst, C.W., Hansen, R.R., Nielson, F.: Where Can an Insider Attack? In: Dimitrakos, T., Martinelli, F., Ryan, P.Y.A., Schneider, S. (eds.) FAST 2006. LNCS, vol. 4691, pp. 127-142. Springer, Heidelberg (2007)
- (2007) FAST 2006. LNCS , vol.4691 , pp. 127-142
- Probst, C.W.¹ Hansen, R.R.² Nielson, F.³

5
- 53349095708
- SymPLFIED: Symbolic Program Level Fault-Injection and Error-Detection Framework
- Pattabiraman, K., Nakka, N., Kalbarczyk, Z.: SymPLFIED: Symbolic Program Level Fault-Injection and Error-Detection Framework. In: International Conference on Dependable Systems and Networks (DSN) (2008)
- (2008) International Conference on Dependable Systems and Networks (DSN)
- Pattabiraman, K.¹ Nakka, N.² Kalbarczyk, Z.³

6
- 84885045405
- OpenSSH Development Team
- OpenSSH Development Team., OpenSSH 4.21 (2004)
- (2004) OpenSSH 4.21

7
- 35048898418
- The Maude 2.0 System
- In: Springer, Heidelberg
- Clavel, M., et al.: The Maude 2.0 System. In: Rewriting Technologies and Applications. Springer, Heidelberg (2001)
- (2001) Rewriting Technologies and Applications
- Clavel, M.¹

8
- 84885049979
- CRHC Technical Report, UIUC, Champaign, IL
- Pattabiraman, K., et al.: Discovering Application-level Insider Attacks using Symbolic Execution, CRHC Technical Report, UIUC, Champaign, IL (2008)
- (2008) Discovering Application-level Insider Attacks using Symbolic Execution
- Pattabiraman, K.¹

9
- 84988504967
- A graph-based system for network-vulnerability analysis
- In: Charlottesville
- Phillips, C., Swiler, L.P.: A graph-based system for network-vulnerability analysis. In: Proceedings of the 1998 workshop on New security paradigms. ACM, Charlottesville (1998)
- (1998) Proceedings of the 1998 workshop on New security paradigms. ACM
- Phillips, C.¹ Swiler, L.P.²

10
- 0038687692
- Scalable, graph-based network vulnerability analysis
- In: Washington
- Ammann, P., Wijesekera, D., Kaushik, S.: Scalable, graph-based network vulnerability analysis. In: Proceedings of the 9th ACM conference on Computer and communications security. ACM, Washington (2002)
- (2002) Proceedings of the 9th ACM conference on Computer and communications security. ACM
- Ammann, P.¹ Wijesekera, D.² Kaushik, S.³

11
- 44049089202
- Automated Generation and Analysis of Attack Graphs
- In: IEEE Computer Society, Los Alamitos
- Sheyner, O., et al.: Automated Generation and Analysis of Attack Graphs. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy. IEEE Computer Society, Los Alamitos (2002)
- (2002) Proceedings of the 2002 IEEE Symposium on Security and Privacy
- Sheyner, O.¹

12
- 0016971687
- Symbolic execution and program testing
- King, J.C.: Symbolic execution and program testing. Commun. ACM 19(7), 385-394 (1976)
- (1976) Commun. ACM , vol.19 , Issue.7 , pp. 385-394
- King, J.C.¹

13
- 70450092967
- Bouncer: Securing software by blocking bad input
- In: ACM, Stevenson
- Costa, M., et al.: Bouncer: securing software by blocking bad input. In: Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles. ACM, Stevenson (2007)
- (2007) Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
- Costa, M.¹

14
- 85077528077
- Automating mimicry attacks using static binary analysis
- In: USENIX, Baltimore
- Kruegel, C., et al.: Automating mimicry attacks using static binary analysis. In: Proceedings of the 14th conference on USENIX Security Symposium, vol. 14. USENIX, Baltimore (2005)
- (2005) Proceedings of the 14th conference on USENIX Security Symposium , vol.14
- Kruegel, C.¹

15
- 78649862193
- EECS Department, University of California, Berkeley
- Molnar, D.A., Wagner, D.: Catchconv: Symbolic execution and run-time type inference for integer conversion errors, EECS Department, University of California, Berkeley (2007)
- (2007) Catchconv: Symbolic execution and run-time type inference for integer conversion errors
- Molnar, D.A.¹ Wagner, D.²

16
- 34547241782
- EXE: Automatically generating inputs of death
- In: ACM, Virginia
- Cadar, C., et al.: EXE: automatically generating inputs of death. In: Proceedings of the 13th ACM conference on Computer and communications security. ACM, Virginia (2006)
- (2006) Proceedings of the 13th ACM conference on Computer and communications security
- Cadar, C.¹

17
- 0031123369
- Fault Injection Techniques and Tools
- Hsueh, M.-C., Tsai, T.K., Iyer, R.K.: Fault Injection Techniques and Tools. IEEE Computer 30(4), 75-82 (1997)
- (1997) IEEE Computer , vol.30 , Issue.4 , pp. 75-82
- Hsueh, M.-C.¹ Tsai, T.K.² Iyer, R.K.³

18
- 84957355967
- On the importance of checking cryptographic protocols for faults
- In: Fumy, W. (ed.) Springer, Heidelberg
- Boneh, D., DeMillo, R., Lipton, R.J.: On the importance of checking cryptographic protocols for faults. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 37-51. Springer, Heidelberg (1997)
- (1997) EUROCRYPT 1997. LNCS , vol.1233 , pp. 37-51
- Boneh, D.¹ DeMillo, R.² Lipton, R.J.³

19
- 84939573910
- Differential Power Analysis
- In: Wiener, M. (ed.) Springer, Heidelberg
- Kocher, P.C., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, p. 388. Springer, Heidelberg (1999)
- (1999) CRYPTO 1999. LNCS , vol.1666 , pp. 388
- Kocher, P.C.¹ Jaffe, J.² Jun, B.³

20
- 0035789487
- An Experimental Study of Security Vulnerabilities Caused by Errors
- Xu, J., et al.: An Experimental Study of Security Vulnerabilities Caused by Errors. In: Proceedings of International Conference on Dependable Systems and Networks (DSN) (2001)
- (2001) Proceedings of International Conference on Dependable Systems and Networks (DSN)
- Xu, J.¹

21
- 0037810696
- Using Memory Errors to Attack a Virtual Machine
- In: Los Alamitos
- Govindavajhala, S., Appel, A.W.: Using Memory Errors to Attack a Virtual Machine. In: Proceedings of the 2003 IEEE Symposium on Security and Privacy. IEEE, Los Alamitos (2003)
- (2003) Proceedings of the 2003 IEEE Symposium on Security and Privacy. IEEE
- Govindavajhala, S.¹ Appel, A.W.²

* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.