Search For:

Displaying 1-5 out of 5 total
Usable, Secure, Private Search
Found in: IEEE Security & Privacy
By Mariana Raykova,Ang Cui,Binh Vo,Bin Liu,Tal Malkin,Steven M. Bellovin,Salvatore J. Stolfo
Issue Date:September 2012
pp. 53-60
Real-world applications commonly require untrusting parties to share sensitive information securely. This article describes a secure anonymous database search (SADS) system that provides exact keyword match capability. Using a new reroutable encryption and...
 
Ethics in Security Vulnerability Research
Found in: IEEE Security and Privacy
By Andrea M. Matwyshyn, Ang Cui, Angelos D. Keromytis, Salvatore J. Stolfo
Issue Date:March 2010
pp. 67-72
The authors provide the articulation of the ethical argument for the role of vulnerability researchers and security practitioners. They argue that, provided that these researchers don't themselves engage in conduct that causes harm, their conduct doesn't n...
 
From prey to hunter: transforming legacy embedded devices into exploitation sensor grids
Found in: Proceedings of the 27th Annual Computer Security Applications Conference (ACSAC '11)
By Ang Cui, Jatin Kataria, Salvatore J. Stofo
Issue Date:December 2011
pp. 393-402
Our global communication infrastructures are powered by large numbers of legacy embedded devices. Recent advances in offensive technologies targeting embedded systems have shown that the stealthy exploitation of high-value embedded devices such as router a...
     
Reflections on the engineering and operation of a large-scale embedded device vulnerability scanner
Found in: Proceedings of the First Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS '11)
By Ang Cui, Salvatore J. Stolfo
Issue Date:April 2011
pp. 8-18
We present important lessons learned from the engineering and operation of a large-scale embedded device vulnerability scanner infrastructure. Developed and refined over the period of one year, our vulnerability scanner monitored large portions of the Inte...
     
A quantitative analysis of the insecurity of embedded network devices: results of a wide-area scan
Found in: Proceedings of the 26th Annual Computer Security Applications Conference (ACSAC '10)
By Ang Cui, Salvatore J. Stolfo
Issue Date:December 2010
pp. 97-106
We present a quantitative lower bound on the number of vulnerable embedded device on a global scale. Over the past year, we have systematically scanned large portions of the internet to monitor the presence of trivially vulnerable embedded devices. At the ...
     
 1