Leveraging Identity-Based Cryptography for Node ID Assignment in Structured P2P Systems
Found in: Advanced Information Networking and Applications Workshops, International Conference on
By Sunam Ryu, Kevin Butler, Patrick Traynor, Patrick McDaniel
Issue Date:May 2007
pp. 519-524
Structured peer-to-peer systems have grown enormously because of their scalability, efficiency and reliability. These systems assign a unique identifier to each user and object. However, current assignment schemes allow an adversary to carefully select use...
 
Guest Editors' Introduction: Special Issue on Trust, Security, and Privacy in Parallel and Distributed Systems
Found in: IEEE Transactions on Parallel and Distributed Systems
By Zhenfu Cao, Keqiu Li, Xu Li, Patrick McDaniel, Radha Poovendran, Guojun Wang, Yang Xiang
Issue Date:February 2014
pp. 279-282
No summary available.
 
Bloatware Comes to the Smartphone
Found in: IEEE Security & Privacy Magazine
By Patrick McDaniel
Issue Date:July 2012
pp. 85-87
The author explores the security and privacy implications of the now-common industry practice of installing bloatware on phones sold by cellular carriers. Is it merely annoying, or do smartphone users face more serious concerns? Do the economic advantages ...
 
Data Provenance and Security
Found in: IEEE Security and Privacy
By Patrick McDaniel
Issue Date:March 2011
pp. 83-85
One of the unanticipated consequences of the Internet age is a pervasive loss of context. Information is often filtered, sampled, repackaged, condensed, or altered to suit any number of purposes. Over time, the entropy of these processes causes information...
 
Not So Great Expectations: Why Application Markets Haven't Failed Security
Found in: IEEE Security and Privacy
By Patrick McDaniel, William Enck
Issue Date:September 2010
pp. 76-78
Applications markets are the primary software distribution method for mobile devices. While many consumers expect these centralized repositories to provide security guarantees for content, they don't. Even so, the authors argue that markets haven't failed ...
 
Security and Privacy Challenges in the Smart Grid
Found in: IEEE Security and Privacy
By Patrick McDaniel, Stephen McLaughlin
Issue Date:May 2009
pp. 75-77
The electrical grid is undergoing one of the largest transitions in its long history—the move to smart grid technology. This new grid lets customers and providers more efficiently manage and generate power. As with many new technologies, the smart grid als...
 
Guest Editors' Introduction: Special Section on Software Engineering for Secure Systems
Found in: IEEE Transactions on Software Engineering
By Patrick McDaniel, Bashar Nuseibeh
Issue Date:January 2008
pp. 3-4
No summary available.
 
A logical specification and analysis for SELinux MLS policy
Found in: ACM Transactions on Information and System Security (TISSEC)
By Boniface Hicks, Luke St.Clair, Patrick McDaniel, Sandra Rueda, Trent Jaeger
Issue Date:July 2010
pp. 1-31
The SELinux mandatory access control (MAC) policy has recently added a multilevel security (MLS) model which is able to express a fine granularity of control over a subject's access rights. The problem is that the richness of the SELinux MLS model makes it...
     
Network-Based Root of Trust for Installation
Found in: IEEE Security and Privacy
By Joshua Schiffman, Thomas Moyer, Trent Jaeger, Patrick McDaniel
Issue Date:January 2011
pp. 40-48
Administrators of large datacenters often require network installation mechanisms, such as disk cloning over the network, to manage the integrity of their machines. However, network-based installation is vulnerable to a variety of attacks, including compro...
 
Disk-enabled authenticated encryption
Found in: Mass Storage Systems and Technologies, IEEE / NASA Goddard Conference on
By Kevin Butler, Stephen McLaughlin, Patrick McDaniel
Issue Date:May 2010
pp. 1-6
Storage is increasingly becoming a vector for data compromise. Solutions for protecting on-disk data confidentiality and integrity to date have been limited in their effectiveness. Providing authenticated encryption, or simultaneous encryption with integri...
 
New Security Architectures Based on Emerging Disk Functionality
Found in: IEEE Security and Privacy
By Kevin Butler, Steve McLaughlin, Thomas Moyer, Patrick McDaniel
Issue Date:September 2010
pp. 34-41
Securing operating systems has become increasingly difficult as their size and complexity continue to grow. New advances in hard disk technologies, however, provide a means for helping to manage this complexity; the new functionality made available at the ...
 
Scalable Web Content Attestation
Found in: Computer Security Applications Conference, Annual
By Thomas Moyer, Kevin Butler, Joshua Schiffman, Patrick McDaniel, Trent Jaeger
Issue Date:December 2009
pp. 95-104
The web is a primary means of information sharing for most organizations and people. Currently, a recipient of web content knows nothing about the environment in which that information was generated other than the specific server from whence it came (and e...
 
Semantically Rich Application-Centric Security in Android
Found in: Computer Security Applications Conference, Annual
By Machigar Ongtang, Stephen McLaughlin, William Enck, Patrick McDaniel
Issue Date:December 2009
pp. 340-349
Smartphones are now ubiquitous. However, the security requirements of these relatively new systems and the applications they support are still being understood. As a result, the security infrastructure available in current smartphone operating systems is l...
 
Justifying Integrity Using a Virtual Machine Verifier
Found in: Computer Security Applications Conference, Annual
By Joshua Schiffman, Thomas Moyer, Christopher Shal, Trent Jaeger, Patrick McDaniel
Issue Date:December 2009
pp. 83-92
Emerging distributed computing architectures, such as grid and cloud computing, depend on the high integrity execution of each system in the computation. While integrity measurement enables systems to generate proofs of their integrity to remote parties, w...
 
Understanding Android Security
Found in: IEEE Security and Privacy
By William Enck, Machigar Ongtang, Patrick McDaniel
Issue Date:January 2009
pp. 50-57
Google's Android platform is a widely anticipated open source operating system for mobile phones. This article describes Android's security model and attempts to unmask the complexity of secure application development. The authors conclude by identifying l...
 
Defending Against Attacks on Main Memory Persistence
Found in: Computer Security Applications Conference, Annual
By William Enck, Kevin Butler, Thomas Richardson, Patrick McDaniel, Adam Smith
Issue Date:December 2008
pp. 65-74
Main memory contains transient information for all resident applications. However, if memory chip contents survive power-off, e.g., via freezing DRAM chips, sensitive data such as passwords and keys can be extracted. Main memory persistence will soon be t...
 
PinUP: Pinning User Files to Known Applications
Found in: Computer Security Applications Conference, Annual
By William Enck, Patrick McDaniel, Trent Jaeger
Issue Date:December 2008
pp. 55-64
Users commonly download, patch, and use applications such as email clients, office applications, and media-players from the Internet.
 
Channels: Runtime System Infrastructure for Security-Typed Languages
Found in: Computer Security Applications Conference, Annual
By Boniface Hicks, Tim Misiak, Patrick McDaniel
Issue Date:December 2007
pp. 443-452
Security-typed languages (STLs) are powerful tools for provably implementing policy in applications. The programmer maps policy onto programs by annotating types with information flow labels, and the STL compiler guarantees that data always obeys its l...
 
Establishing and Sustaining System Integrity via Root of Trust Installation
Found in: Computer Security Applications Conference, Annual
By Luke St. Clair, Joshua Schiffman, Trent Jaeger, Patrick McDaniel
Issue Date:December 2007
pp. 19-29
Integrity measurements provide a means by which distributed systems can assess the trustability of potentially compromised remote hosts. However, current measurement techniques simply assert the identity of software, but provide no indication of the on...
 
From Languages to Systems: Understanding Practical Application Development in Security-typed Languages
Found in: Computer Security Applications Conference, Annual
By Boniface Hicks, Kiyan Ahmadizadeh, Patrick McDaniel
Issue Date:December 2006
pp. 153-164
Security-typed languages are an evolving tool for implementing systems with provable security guarantees. However, to date, these tools have only been used to build simple "toy" programs. As described in this paper, we have developed the first real-world, ...
 
Efficient Techniques for Detecting False Origin Advertisements in Inter-domain Routing
Found in: IEEE Workshop on Secure Network Protocols
By Sophie Qiu, Fabian Monrose, Andreas Terzis, Patrick McDaniel
Issue Date:November 2006
pp. 12-19
The Border Gateway Protocol (BGP), and hence the Internet, remains critically vulnerable to a range of prefix forgery attacks. In this paper, we address these attacks by proposing a non-cryptographic, incrementally deployable mechanism to probabilistically ...
 
TARP: Ticket-based Address Resolution Protocol
Found in: Computer Security Applications Conference, Annual
By Wesam Lootah, William Enck, Patrick McDaniel
Issue Date:December 2005
pp. 106-116
IP networks fundamentally rely on the Address Resolution Protocol (ARP) for proper operation. Unfortunately, vulnerabilities in the ARP protocol enable a raft of IP-based impersonation, man-in-the-middle, or DoS attacks. Proposed countermeasures to these v...
 
Secure Reporting of Traffic Forwarding Activity in Mobile Ad Hoc Networks
Found in: Mobile and Ubiquitous Systems, Annual International Conference on
By Heesook Choi, William Enck, Jaesheung Shin, Patrick McDaniel, Thomas F. La Porta
Issue Date:July 2005
pp. 12-21
Nodes forward data on behalf of each other in mobile ad hoc networks. In a civilian application, nodes are assumed to be selfish and rational, i.e., they pursue their own self-interest. Hence, the ability to accurately measure traffic forwarding i...
 
Antigone: Policy-based Secure Group Communication System and AMirD: Antigone-based Secure File Mirroring System
Found in: DARPA Information Survivability Conference and Exposition
By Jim Irrer, Atul Prakash, Patrick McDaniel
Issue Date:April 2003
pp. 44
No summary available.
 
Flexibly Constructing Secure Groups in Antigone 2.0.
Found in: DARPA Information Survivability Conference and Exposition
By Patrick McDaniel, Atul Prakash, Jim Irrer, Sharad Mittal, Thai-Chuin Thuang
Issue Date:June 2001
pp. 55
Abstract: Group communication is increasingly used as a low cost building block for the development of highly available and survivable services in dynamic environments. However, contemporary frameworks often provide limited facilities for the definition an...
 
On cellular botnets: measuring the impact of malicious devices on a cellular network core
Found in: Proceedings of the 16th ACM conference on Computer and communications security (CCS '09)
By Machigar Ongtang, Michael Lin, Patrick McDaniel, Patrick Traynor, Thomas La Porta, Trent Jaeger, Vikhyath Rao
Issue Date:November 2009
pp. 223-234
The vast expansion of interconnectivity with the Internet and the rapid evolution of highly-capable but largely insecure mobile devices threatens cellular networks. In this paper, we characterize the impact of the large scale compromise and coordination of...
     
Noninvasive Methods for Host Certification
Found in: ACM Transactions on Information and System Security (TISSEC)
By Boniface Hicks, Michael Chien, Patrick McDaniel, Patrick Traynor, Scott Weaver
Issue Date:March 2008
pp. 1-23
Determining whether a user or system is exercising appropriate security practices is difficult in any context. Such difficulties are particularly pronounced when uncontrolled or unknown platforms join public networks. Commonly practiced techniques used to ...
     
Secure attribute-based systems
Found in: Proceedings of the 13th ACM conference on Computer and communications security (CCS '06)
By Brent Waters, Matthew Pirretti, Patrick McDaniel, Patrick Traynor
Issue Date:October 2006
pp. 99-112
Attributes define, classify, or annotate the datum to which they are assigned. However, traditional attribute architectures and cryptosystems are ill-equipped to provide security in the face of diverse access requirements and environments. In this paper, w...
     
Mitigating attacks on open functionality in SMS-capable cellular networks
Found in: Proceedings of the 12th annual international conference on Mobile computing and networking (MobiCom '06)
By Patrick McDaniel, Patrick Traynor, Thomas La Porta, William Enck
Issue Date:September 2006
pp. 182-193
The transformation of telecommunications networks from homogeneous closed systems providing only voice services to Internet-connected open networks that provide voice and data services presents significant security challenges. For example, recent research ...
     
Exploiting open functionality in SMS-capable cellular networks
Found in: Proceedings of the 12th ACM conference on Computer and communications security (CCS '05)
By Patrick McDaniel, Patrick Traynor, Thomas La Porta, William Enck
Issue Date:November 2005
pp. 393-404
Cellular networks are a critical component of the economic and social infrastructures in which we live. In addition to voice services, these networks deliver alphanumeric text messages to the vast majority of wireless subscribers. To encourage the expansio...
     
A Flexible Architecture for Security Policy Enforcement
Found in: DARPA Information Survivability Conference and Exposition
By Patrick McDaniel, Atul Prakash
Issue Date:April 2003
pp. 234
Significant progress has been made on the design of security policy representations for complex communication systems. A significant problem however remains - how to design software architectures that enforce ever-changing security policy requirements eff...
 
Methods and Limitations of Security Policy Reconciliation
Found in: Security and Privacy, IEEE Symposium on
By Patrick McDaniel, Atul Prakash
Issue Date:May 2002
pp. 73
A security policy is a means by which participant session requirements are specified. However, existing frameworks provide limited facilities for the automated reconciliation of participant policies. This paper considers the limits and methods of reconciliat...
 
TaintDroid: an information flow tracking system for real-time privacy monitoring on smartphones
Found in: Communications of the ACM
By Anmol N. Sheth, Byung-Gon Chun, Jaeyeon Jung, Landon P. Cox, Patrick McDaniel, Peter Gilbert, William Enck
Issue Date:March 2014
pp. 99-106
Today's smartphone operating systems frequently fail to provide users with adequate control over and visibility into how third-party applications use their privacy-sensitive data. We address these shortcomings with TaintDroid, an efficient, systemwide dyna...
     
Hi-Fi: collecting high-fidelity whole-system provenance
Found in: Proceedings of the 28th Annual Computer Security Applications Conference (ACSAC '12)
By Devin J. Pohly, Kevin Butler, Patrick McDaniel, Stephen McLaughlin
Issue Date:December 2012
pp. 259-268
Data provenance---a record of the origin and evolution of data in a system---is a useful tool for forensic analysis. However, existing provenance collection mechanisms fail to achieve sufficient breadth or fidelity to provide a holistic view of a system's ...
     
Retargeting Android applications to Java bytecode
Found in: Proceedings of the ACM SIGSOFT 20th International Symposium on the Foundations of Software Engineering (FSE '12)
By Damien Octeau, Patrick McDaniel, Somesh Jha
Issue Date:November 2012
pp. 1-11
The Android OS has emerged as the leading platform for SmartPhone applications. However, because Android applications are compiled from Java source into platform-specific Dalvik bytecode, existing program analysis tools cannot be used to evaluate their beh...
     
SABOT: specification-based payload generation for programmable logic controllers
Found in: Proceedings of the 2012 ACM conference on Computer and communications security (CCS '12)
By Patrick McDaniel, Stephen McLaughlin
Issue Date:October 2012
pp. 439-449
Programmable Logic Controllers (PLCs) drive the behavior of industrial control systems according to uploaded programs. It is now known that PLCs are vulnerable to the uploading of malicious code that can have severe physical consequences. What is not under...
     
Minimizing private data disclosures in the smart grid
Found in: Proceedings of the 2012 ACM conference on Computer and communications security (CCS '12)
By Ninghui Li, Patrick McDaniel, Stephen McLaughlin, Wahbeh Qardaji, Weining Yang, Yuan Qi
Issue Date:October 2012
pp. 415-427
Smart electric meters pose a substantial threat to the privacy of individuals in their own homes. Combined with non-intrusive load monitors, smart meter data can reveal precise home appliance usage information. An emerging solution to behavior leakage in s...
     
Porscha: policy oriented secure content handling in Android
Found in: Proceedings of the 26th Annual Computer Security Applications Conference (ACSAC '10)
By Kevin Butler, Machigar Ongtang, Patrick McDaniel
Issue Date:December 2010
pp. 221-230
The penetration of cellular networks worldwide and emergence of smart phones has led to a revolution in mobile content. Users consume diverse content when, for example, exchanging photos, playing games, browsing websites, and viewing multimedia. Current ph...
     
Multi-vendor penetration testing in the advanced metering infrastructure
Found in: Proceedings of the 26th Annual Computer Security Applications Conference (ACSAC '10)
By Adam Delozier, Dmitry Podkuiko, Patrick McDaniel, Sergei Miadzvezhanka, Stephen McLaughlin
Issue Date:December 2010
pp. 107-116
The advanced metering infrastructure (AMI) is revolutionizing electrical grids. Intelligent AMI "smart meters" report real time usage data that enables efficient energy generation and use. However, aggressive deployments are outpacing security efforts: new...
     
Seeding clouds with trust anchors
Found in: Proceedings of the 2010 ACM workshop on Cloud computing security workshop (CCSW '10)
By Hayawardh Vijayakumar, Joshua Schiffman, Patrick McDaniel, Thomas Moyer, Trent Jaeger
Issue Date:October 2010
pp. 43-46
Customers with security-critical data processing needs are beginning to push back strongly against using cloud computing. Cloud vendors run their computations upon cloud provided VM systems, but customers are worried such host systems may not be able to pr...
     
On lightweight mobile phone application certification
Found in: Proceedings of the 16th ACM conference on Computer and communications security (CCS '09)
By Machigar Ongtang, Patrick McDaniel, William Enck
Issue Date:November 2009
pp. 235-245
Users have begun downloading an increasingly large number of mobile phone applications in response to advancements in handsets and wireless networks. The increased number of applications results in a greater chance of installing Trojans and similar malware...
     
A logical specification and analysis for SELinux MLS policy
Found in: Proceedings of the 12th ACM symposium on Access control models and technologies (SACMAT '07)
By Boniface Hicks, Luke St.Clair, Patrick McDaniel, Sandra Rueda, Trent Jaeger
Issue Date:June 2007
pp. 91-100
The SELinux mandatory access control (MAC) policy has recently added a multi-level security (MLS) model which is able to express a fine granularity of control over a subject's access rights. The problem is that the richness of this policy makes it impracti...
     
Jifclipse: development tools for security-typed languages
Found in: Proceedings of the 2007 workshop on Programming languages and analysis for security (PLAS '07)
By Boniface Hicks, Dave King, Patrick McDaniel
Issue Date:June 2007
pp. 1-10
Security-typed languages such as Jif require the programmer to label variables with information flow security policies as part of application development. The compiler then flags errors wherever information leaks may occur. Resolving these information leak...
     
Design, implementation and evaluation of security in iSCSI-based network storage systems
Found in: Proceedings of the second ACM workshop on Storage security and survivability (StorageSS '06)
By Anand Sivasubramaniam, Kevin Butler, Murali Vilayannur, Patrick McDaniel, Shiva Chaitanya
Issue Date:October 2006
pp. 17-28
This paper studies the performance and security aspects of the iSCSI protocol in a network storage based system. Ethernet speeds have been improving rapidly and network throughput is no longer considered a bottleneck when compared to Fibre-channel based st...
     
Methods and limitations of security policy reconciliation
Found in: ACM Transactions on Information and System Security (TISSEC)
By Atul Prakash, Patrick McDaniel
Issue Date:August 2006
pp. 259-291
A security policy specifies session participant requirements. However, existing frameworks provide limited facilities for the automated reconciliation of participant policies. This paper considers the limits and methods of reconciliation in a general-purpo...
     
Trusted declassification: high-level policy for a security-typed language
Found in: Proceedings of the 2006 workshop on Programming languages and analysis for security (PLAS '06)
By Boniface Hicks, Dave King, Michael Hicks, Patrick McDaniel
Issue Date:June 2006
pp. 65-74
Security-typed languages promise to be a powerful tool with which provably secure software applications may be developed. Programs written in these languages enforce a strong, global policy of noninterference which ensures that high-security data will not b...
     
On context in authorization policy
Found in: Proceedings of the eighth ACM symposium on Access control models and technologies (SACMAT '03)
By Patrick McDaniel
Issue Date:June 2003
pp. 80-89
Authorization policy infrastructures are evolving with the complex environments that they support. However, the requirements and technologies supporting context are not yet well understood. Often implemented as condition functions or predefined attributes,...
     