    • Attack Generation for NIDS Testing Using Natural Deduction 

      Rubin, Shai; Jha, Somesh; Miller, Barton P. (University of Wisconsin-Madison Department of Computer Sciences, 2004)
      A common way to elude a signature-based NIDS is to transform an attack instance that the NIDS recognizes into another instance that it fails to recognize. For example, to avoid matching between the attack payload and the ...
    • Automatic Discovery of API-Level Vulnerabilities 

      Ganapathy, Vinod; Seshia, Sanjit A.; Jha, Somesh; Reps, Thomas W.; Bryant, Randal E. (University of Wisconsin-Madison Department of Computer Sciences, 2004)
      A system is vulnerable to an API-level attack if its security can be compromised by invoking an allowed sequence of operations from its API. We present a formal framework to model and analyze APIs, and develop an automatic ...
    • Backtracking Algorithmic Complexity Attacks Against a NIDS 

      Smith, Randy; Estan, Cristian; Jha, Somesh (University of Wisconsin-Madison Department of Computer Sciences, 2006)
      Network Intrusion Detection Systems (NIDS) have become crucial to securing modern networks. To be effective, a NIDS must be able to counter evasion attempts and operate at or near wire-speed. Failure to do so allows ...
    • Buffer Overrun Detection Using Linear Programming and Static Analysis 

      Ganapathy, Vinod; Jha, Somesh; Chandler, David; Melski, David; Vitek, David (University of Wisconsin-Madison Department of Computer Sciences, 2003)
      This paper addresses the issue of identifying buffer overrun vulnerabilities by statically analyzing C source code. We demonstrate a scalable analysis based on modeling C string manipulations as a linear program. We also ...
    • Compiler Construction of Idempotent Regions 

      de Kruijf, Marc; Sankaralingam, Karthikeyan; Jha, Somesh (University of Wisconsin-Madison Department of Computer Sciences, 2011)
      Recovery functionality has many applications in computing systems, from speculation recovery in modern microprocessors to fault recovery in high-reliability systems. Modern systems commonly recover using checkpoints. ...
    • Declarative, Temporal, and Practical Programming with Capabilities 

      Watson, Robert N. M.; Anderson, Jonathan; Reps, Thomas; Jha, Somesh; Harris, William R. (2013-02-26)
      New operating systems, such as the Capsicum capability system, allow a programmer to write an application that satisfies strong security properties by invoking security-specific system calls at a few key points in the ...
    • DIFC Programs by Automatic Instrumentation 

      Harris, William; Jha, Somesh; Reps, Thomas (University of Wisconsin-Madison Department of Computer Sciences, 2010)
      Decentralized information flow control (DIFC) operating systems provide applications with mechanisms for enforcing information-flow policies for their data. However, significant obstacles keep such operating systems ...
    • Distributed Certificate-Chain Discovery in SPKI/SDSI 

      Schwoon, Stefan; Wang, Hao; Jha, Somesh; Reps, Thomas (University of Wisconsin-Madison Department of Computer Sciences, 2005)
      The authorization problem is to decide whether, according to a security policy, some principal should be allowed access to a resource. In the trust-management system SPKI/SDSI, the security policy is given by a set of ...
    • Formalizing Attack Mutation for NIDS Testing 

      Rubin, Shai; Jha, Somesh; Miller, Barton P. (University of Wisconsin-Madison Department of Computer Sciences, 2005)
      Attack mutation is a common way to test a misuse Network Intrusion Detection System (NIDS). In this technique, a known instance of an attack is transformed by repeatedly applying attack transformations into many distinct ...
    • Global Intrusion Detection in the DOMINO Overlay System 

      Yegneswaran, Vinod; Barford, Paul; Jha, Somesh (University of Wisconsin-Madison Department of Computer Sciences, 2003)
      Sharing data between widely distributed intrusion detection systems offers the possibility of significant improvements in speed and accuracy over systems operating in isolation. In this paper, we describe and evaluate ...
    • Internet Sieve: An Architecture for Generating Resilient Signatures 

      Yegneswaran, Vinod; Giffin, Jonathon; Barford, Paul; Jha, Somesh (University of Wisconsin-Madison Department of Computer Sciences, 2004)
      We present iSieve, a modular architecture for identifying intrusion profiles in packet trace data and automatically constructing resilient signatures for the profiles. The first component of the architecture organizes and ...
    • Malware Normalization 

      Christodorescu, Mihai; Kinder, Johannes; Jha, Somesh; Katzenbeisser, Stefan; Veith, Helmut (University of Wisconsin-Madison Department of Computer Sciences, 2005)
      Malware is code designed for a malicious purpose, such as obtaining root privilege on a host. A malware detector identifies malware and thus prevents it from adversely affecting a host. In order to evade detection by ...
    • Mining Security-Sensitive Operations in Legacy Code Using Concept Analysis 

      Ganapathy, Vinod; King, Dave; Jaeger, Trent; Jha, Somesh (University of Wisconsin-Madison Department of Computer Sciences, 2006)
      We present an approach based on concept analysis to retrofit legacy servers with mechanisms for authorization policy enforcement. Our approach is based upon the observation that security-sensitive operations are characterized ...
    • On Effective Model-Based Intrusion Detection 

      Giffin, Jonathon; Jha, Somesh; Miller, Barton P. (University of Wisconsin-Madison Department of Computer Sciences, 2005)
      Model-based intrusion detectors restrict program execution to a previously computed model of expected behavior. We consider two classes of attacks against these systems: bypass attacks that evade detection by avoiding the ...
    • On Generalized Authorization Problems 

      Schwoon, Stefan; Jha, Somesh; Reps, Thomas; Stubblebine, S. (University of Wisconsin-Madison Department of Computer Sciences, 2003)
      This paper defines a framework in which one can formalize a variety of authorization and policy issues that arise in access control of shared computing resources. Instantiations of the framework address such issues as ...
    • Programming for a Capability System via Safety Games 

      Harris, William R.; Farley, Benjamin; Jha, Somesh; Reps, Thomas (University of Wisconsin-Madison Department of Computer Sciences, 2011)
      New operating systems with security-specific system calls, such as the Capsicum capability system, allow programmers to write applications that satisfy strong security properties with significantly less effort than full ...
    • Programming for a Capability System via Safety Games 

      Farley, Benjamin; Harris, William; Reps, Thomas; Jha, Somesh (2012-04-05)
      New operating systems with security-specific system calls, such as the Capsicum capability system, allow programmers to write applications that satisfy strong security properties with significantly less effort than full ...
    • Reducing the Dependence of Trust-Management Systems on PKI 

      Wang, Hao; Jha, Somesh; Reps, Thomas; Schwoon, Stefan; Stubblebine, Stuart (University of Wisconsin-Madison Department of Computer Sciences, 2005)
      Trust-management systems address the authorization problem in distributed systems by defining a formal language for expressing authorization and access-control policies, and relying on an algorithm to determine when a ...
    • Retrofitting Legacy Code for Authorization Policy Enforcement 

      Ganapathy, Vinod; Jaeger, Trent; Jha, Somesh (University of Wisconsin-Madison Department of Computer Sciences, 2005)
      Researchers have long argued that the best way to construct a secure system is to proactively integrate security into the design of the system. However, this tenet is rarely followed because of economic and practical ...
    • Secure Programming as a Parity Game 

      Harris, William R.; Farley, Benjamin; Jha, Somesh; Reps, Thomas (University of Wisconsin-Madison Department of Computer Sciences, 2011)
      Traditionally, reference monitors have been used both to specify a policy of secure behaviors of an application, and to ensure that an application satisfies its specification. However, for recently proposed privilege-aware ...