Search For:

Displaying 1-9 out of 9 total
Mitigating access-driven timing channels in clouds using StopWatch
Found in: 2013 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
By Peng Li,Debin Gao,Michael K. Reiter
Issue Date:June 2013
pp. 1-12
This paper presents StopWatch , a system that defends against timing-based side-channel attacks that arise from coresidency of victims and attackers in infrastructure-as-a-service clouds. StopWatch triplicates each cloud-resident guest virtual machine (VM)...
 
HuMan: Creating memorable fingerprints of mobile users
Found in: Pervasive Computing and Communications Workshops, IEEE International Conference on
By Payas Gupta,Tan Kiat Wee,Narayan Ramasubbu,David Lo,Debin Gao,Rajesh Krishna Balan
Issue Date:March 2012
pp. 479-482
In this paper, we present a new way of generating behavioral (not biometric) fingerprints from the cellphone usage data. In particular, we explore if the generated behavioral fingerprints are memorable enough to be remembered by end users. We built a syste...
 
Launching Return-Oriented Programming Attacks against Randomized Relocatable Executables
Found in: IEEE TrustCom/IEEE ICESS/FCST, International Joint Conference of
By Limin Liu,Jin Han,Debin Gao,Jiwu Jing,Daren Zha
Issue Date:November 2011
pp. 37-44
Since the day it was proposed, return-oriented programming has shown to be an effective and powerful attack technique against the write or execute only (W xor X) protection. However, a general belief in the previous research is, systems deployed with addre...
 
Bridging the Gap between Data-Flow and Control-Flow Analysis for Anomaly Detection
Found in: Computer Security Applications Conference, Annual
By Peng Li, Hyundo Park, Debin Gao, Jianming Fu
Issue Date:December 2008
pp. 392-401
Host-based anomaly detectors monitor the control-flow and data-flow behavior of system calls to detect intrusions. Control-flow-based detectors monitor the sequence of system calls, while data-flow-based detectors monitor the data propagation among argumen...
 
Beyond Output Voting: Detecting Compromised Replicas Using HMM-Based Behavioral Distance
Found in: IEEE Transactions on Dependable and Secure Computing
By Debin Gao, Michael K. Reiter, Dawn Song
Issue Date:April 2009
pp. 96-110
Many host-based anomaly detection techniques have been proposed to detect code-injection attacks on servers. The vast majority, however, are susceptible to
 
OTO: online trust oracle for user-centric trust establishment
Found in: Proceedings of the 2012 ACM conference on Computer and communications security (CCS '12)
By Adrian Perrig, Debin Gao, Emmanuel Owusu, Jason Hong, Jun Han, Payas Gupta, Tiffany Hyun-Jin Kim
Issue Date:October 2012
pp. 391-403
Malware continues to thrive on the Internet. Besides automated mechanisms for detecting malware, we provide users with trust evidence information to enable them to make informed trust decisions. To scope the problem, we study the challenge of assisting use...
     
deRop: removing return-oriented programming from malware
Found in: Proceedings of the 27th Annual Computer Security Applications Conference (ACSAC '11)
By Dabi Zou, Debin Gao, Kangjie Lu, Weiping Wen
Issue Date:December 2011
pp. 363-372
Over the last few years, malware analysis has been one of the hottest areas in security research. Many techniques and tools have been developed to assist in automatic analysis of malware. This ranges from basic tools like disassemblers and decompilers, to ...
     
A multi-user steganographic file system on untrusted shared storage
Found in: Proceedings of the 26th Annual Computer Security Applications Conference (ACSAC '10)
By Debin Gao, HweeHwa Pang, Jin Han, Meng Pan
Issue Date:December 2010
pp. 317-326
Existing steganographic file systems enable a user to hide the existence of his secret data by claiming that they are (static) dummy data created during disk initialization. Such a claim is plausible if the adversary only sees the disk content at the point...
     
Gray-box extraction of execution graphs for anomaly detection
Found in: Proceedings of the 11th ACM conference on Computer and communications security (CCS '04)
By Dawn Song, Debin Gao, Michael K. Reiter
Issue Date:October 2004
pp. 318-329
Many host-based anomaly detection systems monitor a process by observing the system calls it makes, and comparing these calls to a model of behavior for the program that the process should be executing. In this paper we introduce a new model of system call...
     
 1