瘙痒 posted on 2025-3-23 11:53:59
The Heavy Tails of Vulnerability Exploitation
. Our analysis comprises 374 exploited vulnerabilities for a total of 75.7 Million recorded attacks spanning three years (2009-2012). We find that for some software as little as 5% of exploited vulnerabilities is responsible for about 95% of the attacks against that platform. This strongly skewed di
d-limonene posted on 2025-3-23 15:03:14
Idea: Benchmarking Indistinguishability Obfuscation – A Candidate Implementation
l. . We show how different parameters of the input circuits impact the performance and the size of the obfuscated programs. On the negative side, our benchmarks show that for the time being the algorithm is far away from being practical. On the positive side, there is still much room for improvem
TAG posted on 2025-3-23 19:05:12
A Security Ontology for Security Requirements Elicitation
tation. Early analysis of security makes it possible to predict threats and their impacts and define adequate security requirements before the system is in place. Security requirements are difficult to elicit, analyze, and manage. The fact that analysts’ knowledge about security is often tacit makes
补充 posted on 2025-3-23 23:25:25
Producing Hook Placements to Enforce Expected Access Control Policies
tions on those resources. Manual hook placements by programmers are often incomplete or incorrect, leading to insecure programs. We advocate an approach that automatically identifies the set of locations to place authorization hooks that mediates all security-sensitive operations in order to enforce
Arteriography posted on 2025-3-24 02:50:16
http://reply.papertrans.cn/32/3110/310933/310933_15.png
宣誓书 posted on 2025-3-24 08:45:30
http://reply.papertrans.cn/32/3110/310933/310933_16.png
BLA posted on 2025-3-24 12:05:13
Idea: State-Continuous Transfer of State in Protected-Module Architectures
le exists that executes without interruption when it is transferred from one machine to another. In practice however an attacker may (i) crash the system at any point in time (i.e., a crash attack), (ii) present the system with a stale state (i.e., a rollback attack), or (iii) trick both machines to
规章 posted on 2025-3-24 16:30:11
OMEN: Faster Password Guessing Using an Ordered Markov Enumerator
the Ripper, which implements the password indexing function by Narayanan and Shmatikov. OMEN guesses more than 40% of passwords correctly with the first 90 million guesses, while JtR-Markov (for . = 1 billion) needs at least eight times as many guesses to reach the same goal, and OMEN guesses more
V切开 posted on 2025-3-24 20:41:10
The Heavy Tails of Vulnerability Exploitation
r data collection from the security community may be needed. Finally, we present and discuss the . as a possible explanation for the heavy-tailed distributions we find in the data, and present examples of its effects for Apple Quicktime and Microsoft Internet Explorer vulnerabilities.
OPINE posted on 2025-3-25 00:53:19
A Security Ontology for Security Requirements Elicitation
ts have been proposed in the literature. None of them stands out as complete. This paper presents a core and generic security ontology for security requirements engineering. Its core and generic status is attained thanks to its coverage of wide and high-level security concepts and relationships. We