Android inter-app communication threats and detection techniques
With the digital breakthrough, smart phones have become very essential component for
many routine tasks like shopping, paying bills, transferring money, instant messaging …
many routine tasks like shopping, paying bills, transferring money, instant messaging …
Flow-sensitive, context-sensitive, and object-sensitive information flow control based on program dependence graphs
C Hammer, G Snelting - International Journal of Information Security, 2009 - Springer
Abstract Information flow control (IFC) checks whether a program can leak secret data to
public ports, or whether critical computations can be influenced from outside. But many IFC …
public ports, or whether critical computations can be influenced from outside. But many IFC …
Divergence analysis and optimizations
The growing interest in GPU programming has brought renewed attention to the Single
Instruction Multiple Data (SIMD) execution model. SIMD machines give application …
Instruction Multiple Data (SIMD) execution model. SIMD machines give application …
Towards fully automatic placement of security sanitizers and declassifiers
B Livshits, S Chong - Acm Sigplan Notices, 2013 - dl.acm.org
A great deal of research on sanitizer placement, sanitizer correctness, checking path validity,
and policy inference, has been done in the last five to ten years, involving type systems …
and policy inference, has been done in the last five to ten years, involving type systems …
Explicit secrecy: A policy for taint tracking
Taint tracking is a popular security mechanism for tracking data-flow dependencies, both in
high-level languages and at the machine code level. But despite the many taint trackers in …
high-level languages and at the machine code level. But despite the many taint trackers in …
Controlling break-the-glass through alignment
A Adriansyah, BF Van Dongen… - … Conference on Social …, 2013 - ieeexplore.ieee.org
Modern IT systems have to deal with unpredictable situations and exceptions more and
more often. In contrast, security mechanisms are usually very rigid. Functionality like break …
more often. In contrast, security mechanisms are usually very rigid. Functionality like break …
Parfait: designing a scalable bug checker
C Cifuentes, B Scholz - Proceedings of the 2008 workshop on Static …, 2008 - dl.acm.org
We present the design of Parfait, a static layered program analysis framework for bug
checking, designed for scalability and precision by improving false positive rates and scale …
checking, designed for scalability and precision by improving false positive rates and scale …
Finding buffer overflow inducing loops in binary executables
Vulnerability analysis is one among the important components of overall software assurance
practice. Buffer overflow (BoF) is one example of the such vulnerabilities and it is still the root …
practice. Buffer overflow (BoF) is one example of the such vulnerabilities and it is still the root …
Automatic mediation of {Privacy-Sensitive} resource access in smartphone applications
B Livshits, J Jung - 22nd USENIX Security Symposium (USENIX Security …, 2013 - usenix.org
Mobile app development best practices suggest that developers obtain opt-in consent from
users prior to accessing potentially sensitive information on the phone. We study challenges …
users prior to accessing potentially sensitive information on the phone. We study challenges …
Divergence analysis
D Sampaio, RM Souza, C Collange… - ACM Transactions on …, 2014 - dl.acm.org
Growing interest in graphics processing units has brought renewed attention to the Single
Instruction Multiple Data (SIMD) execution model. SIMD machines give application …
Instruction Multiple Data (SIMD) execution model. SIMD machines give application …