Download or read book Scalable Detection of Similar Code written by Lingxiao Jiang and published by . This book was released on 2009 with total page 362 pages. Available in PDF, EPUB and Kindle. Book excerpt:

Download or read book Computer Security ESORICS 2013 written by Jason Crampton and published by Springer. This book was released on 2013-08-15 with total page 810 pages. Available in PDF, EPUB and Kindle. Book excerpt: This book constitutes the refereed proceedings of the 18th European Symposium on Computer Security, ESORICS 2013, held in Egham, UK, in September 2013. The 43 papers included in the book were carefully reviewed and selected from 242 papers. The aim of ESORICS is to further the progress of research in computer security by establishing a European forum for bringing together researchers in this area, by promoting the exchange of ideas with system developers and by encouraging links with researchers in related areas. The papers cover all topics related to security, privacy and trust in computer systems and networks.

Download or read book Detection of Intrusions and Malware and Vulnerability Assessment written by Ulrich Flegel and published by Springer. This book was released on 2013-03-15 with total page 251 pages. Available in PDF, EPUB and Kindle. Book excerpt: This book constitutes the refereed post-proceedings of the 9th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA 2012, held in Heraklion, Crete, Greece, in July 2012. The 10 revised full papers presented together with 4 short papers were carefully reviewed and selected from 44 submissions. The papers are organized in topical sections on malware, mobile security, secure design, and intrusion detection systems (IDS).

Download or read book Scalable Dynamic Analysis of Binary Code written by Ulf Kargén and published by Linköping University Electronic Press. This book was released on 2019-08-22 with total page 86 pages. Available in PDF, EPUB and Kindle. Book excerpt: In recent years, binary code analysis, i.e., applying program analysis directly at the machine code level, has become an increasingly important topic of study. This is driven to a large extent by the information security community, where security auditing of closed-source software and analysis of malware are important applications. Since most of the high-level semantics of the original source code are lost upon compilation to executable code, static analysis is intractable for, e.g., fine-grained information flow analysis of binary code. Dynamic analysis, however, does not suffer in the same way from reduced accuracy in the absence of high-level semantics, and is therefore also more readily applicable to binary code. Since fine-grained dynamic analysis often requires recording detailed information about every instruction execution, scalability can become a significant challenge. In this thesis, we address the scalability challenges of two powerful dynamic analysis methods whose widespread use has, so far, been impeded by their lack of scalability: dynamic slicing and instruction trace alignment. Dynamic slicing provides fine-grained information about dependencies between individual instructions, and can be used both as a powerful debugging aid and as a foundation for other dynamic analysis techniques. Instruction trace alignment provides a means for comparing executions of two similar programs and has important applications in, e.g., malware analysis, security auditing, and plagiarism detection. We also apply our work on scalable dynamic analysis in two novel approaches to improve fuzzing — a popular random testing technique that is widely used in industry to discover security vulnerabilities. To use dynamic slicing, detailed information about a program execution must first be recorded. Since the amount of information is often too large to fit in main memory, existing dynamic slicing methods apply various time-versus-space trade-offs to reduce memory requirements. However, these trade-offs result in very high time overheads, limiting the usefulness of dynamic slicing in practice. In this thesis, we show that the speed of dynamic slicing can be greatly improved by carefully designing data structures and algorithms to exploit temporal locality of programs. This allows avoidance of the expensive trade-offs used in earlier methods by accessing recorded runtime information directly from secondary storage without significant random-access overhead. In addition to being a standalone contribution, scalable dynamic slicing also forms integral parts of our contributions to fuzzing. Our first contribution uses dynamic slicing and binary code mutation to automatically turn an existing executable into a test generator. In our experiments, this new approach to fuzzing achieved about an order of magnitude better code coverage than traditional mutational fuzzing and found several bugs in popular Linux software. The second work on fuzzing presented in this thesis uses dynamic slicing to accelerate the state-of-the-art fuzzer AFL by focusing the fuzzing effort on previously unexplored parts of the input space. For the second dynamic analysis technique whose scalability we sought to improve — instruction trace alignment — we employed techniques used in speech recognition and information retrieval to design what is, to the best of our knowledge, the first general approach to aligning realistically long program traces. We show in our experiments that this method is capable of producing meaningful alignments even in the presence of significant syntactic differences stemming from, for example, the use of different compilers or optimization levels.

Download or read book Scalable Semantics based Detection of Similar Android Apps written by Jonathan Crussell and published by . This book was released on 2014 with total page pages. Available in PDF, EPUB and Kindle. Book excerpt: Smart phones are rapidly becoming a fixture of modern day life. Their popularity and market penetration have given rise to a flourishing ecosystem of mobile apps that provide users with a wide range of useful functionality. Android users may download apps from Google's official Android Market or from a number of third-party markets. To ensure a healthy mobile app environment, users should have access to high quality apps and developers should be financially compensated for their efforts. However, apps may be copied, or "cloned," by a dishonest developer and released as her own, subverting revenue from the original developer or possibly including additional malicious functionality. I present two approaches to detect similar Android apps based on semantic information. I implement the first approach in a tool called DNADroid which robustly computes the similarity between two apps by comparing program dependency graphs between methods in candidiate apps. The second approach, implemented in a tool called AnDarwin, is capable of detecting similar apps on an unprecedented scale. In contrast to earlier approaches, AnDarwin has four advantages: it avoids comparing apps pairwise, thus greatly improving its scalability; it analyzes only the app code and does not rely on other information -- such as the app's market, signature, or description -- thus greatly increasing its reliability; it can detect both full and partial app similarity; and it can automatically detect library code and remove it from the similarity analysis. I evaluate DNADroid and AnDarwin on many Android apps crawled from multiple Android markets including the official Android Market. My evaluation demonstrates these tools' ability to accurately detect similar apps. Finally, I show how DNADroid and AnDarwin can be used in conjunction with other tools to gain insights into the app ecosystem such as the prevelance of malware families that commit ad fraud.

Download or read book Data and Applications Security and Privacy XXVIII written by Vijay Atluri and published by Springer. This book was released on 2014-06-27 with total page 404 pages. Available in PDF, EPUB and Kindle. Book excerpt: This book constitutes the refereed proceedings of the 28th IFIP WG 11.3 International Working Conference on Data and Applications Security and Privacy, DBSec 2014, held in Vienna, Austria, in July 2014. The 22 revised full papers and 4 short papers presented were carefully reviewed and selected from 63 submissions. The papers are organized in topical sections on access control, privacy, networked and mobile environments, data access, cloud databases, and private retrieval.

Download or read book Parallel and Distributed Computing Applications and Technologies written by Hong Shen and published by Springer Nature. This book was released on 2022-03-15 with total page 643 pages. Available in PDF, EPUB and Kindle. Book excerpt: This book constitutes the proceedings of the 22nd International Conference on Parallel and Distributed Computing, Applications, and Technologies, PDCAT 2021, which took place in Guangzhou, China, during December 17-19, 2021. The 24 full papers and 34 short papers included in this volume were carefully reviewed and selected from 97 submissions. The papers are categorized into the following topical sub-headings: networking and architectures, software systems and technologies, algorithms and applications, and security and privacy.

Download or read book Automated Technology for Verification and Analysis written by Yu-Fang Chen and published by Springer Nature. This book was released on 2019-10-21 with total page 552 pages. Available in PDF, EPUB and Kindle. Book excerpt: This book constitutes the refereed proceedings of the 17th International Symposium on Automated Technology for Verification and Analysis, ATVA 2019, held in Taipei, Taiwan in October 2019. The 24 regular papers presented together with 3 tool papers were carefully reviewed and selected from 65 submissions. The symposium is dedicated to the promotion of research on theoretical and practical aspects of automated analysis, verification and synthesis by providing a forum for interaction between the regional and the international research communities and industry in the field. The papers focus on cyber-physical systems; runtime techniques; testing; automata; synthesis; stochastic systems and model checking.

Download or read book Facing the Multicore Challenge III written by Rainer Keller and published by Springer. This book was released on 2013-01-11 with total page 156 pages. Available in PDF, EPUB and Kindle. Book excerpt: This state-of-the-art survey features topics related to the impact of multicore, manycore, and coprocessor technologies in science and large-scale applications in an interdisciplinary environment. The papers included in this survey cover research in mathematical modeling, design of parallel algorithms, aspects of microprocessor architecture, parallel programming languages, hardware-aware computing, heterogeneous platforms, manycore technologies, performance tuning, and requirements for large-scale applications. The contributions presented in this volume are an outcome of an inspiring conference conceived and organized by the editors at the University of Applied Sciences (HfT) in Stuttgart, Germany, in September 2012. The 10 revised full papers selected from 21 submissions are presented together with the twelve poster abstracts and focus on combination of new aspects of microprocessor technologies, parallel applications, numerical simulation, and software development; thus they clearly show the potential of emerging technologies in the area of multicore and manycore processors that are paving the way towards personal supercomputing and very likely towards exascale computing.

Download or read book Detection of Intrusions and Malware and Vulnerability Assessment written by Michalis Polychronakis and published by Springer. This book was released on 2017-06-27 with total page 414 pages. Available in PDF, EPUB and Kindle. Book excerpt: This book constitutes the refereed proceedings of the 14th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA 2017, held in Bonn, Germany, in July 2017. The 18 revised full papers included in this book were carefully reviewed and selected from 67 submissions. They present topics such as enclaves and isolation; malware analysis; cyber-physical systems; detection and protection; code analysis; and web security.

Download or read book Software Systems Safety written by O. Grumberg and published by IOS Press. This book was released on 2014-05-30 with total page 396 pages. Available in PDF, EPUB and Kindle. Book excerpt: Until quite recently, the correctness and security of software systems was a largely theoretical problem relevant only for a small group of computer specialists. Today it is a fundamental problem for society at large, with security breaches in banking software, malware attacks and bugs in programs affecting millions of people and making the headlines almost daily. The computer science community is developing verification and synthesis tools which will mechanize ever more tasks in the design of secure programs. This book presents the papers delivered at the NATO Advanced Study Institute (ASI) Summer School Marktoberdorf 2013 – Software Systems Safety. The participants represented research groups from both industry and academia, and the subjects covered included: software model checking via systematic testing, program synthesis, E voting systems, probabilistic model checking in biology, infinite state model checking, Boolean satisfiability, interactive proof, and software security by information flow control. The Marktoberdorf Summer School is one of the most renowned international computer science summer schools, and this book, with its detailed overview of current research results with special emphasis on the solving of software systems security problems, will be of interest to all those whose work involves systems security.

Download or read book Software Quality as a Foundation for Security written by Peter Bludau and published by Springer Nature. This book was released on with total page 171 pages. Available in PDF, EPUB and Kindle. Book excerpt:

Download or read book Binary Code Fingerprinting for Cybersecurity written by Saed Alrabaee and published by Springer Nature. This book was released on 2020-02-29 with total page 264 pages. Available in PDF, EPUB and Kindle. Book excerpt: This book addresses automated software fingerprinting in binary code, especially for cybersecurity applications. The reader will gain a thorough understanding of binary code analysis and several software fingerprinting techniques for cybersecurity applications, such as malware detection, vulnerability analysis, and digital forensics. More specifically, it starts with an overview of binary code analysis and its challenges, and then discusses the existing state-of-the-art approaches and their cybersecurity applications. Furthermore, it discusses and details a set of practical techniques for compiler provenance extraction, library function identification, function fingerprinting, code reuse detection, free open-source software identification, vulnerability search, and authorship attribution. It also illustrates several case studies to demonstrate the efficiency, scalability and accuracy of the above-mentioned proposed techniques and tools. This book also introduces several innovative quantitative and qualitative techniques that synergistically leverage machine learning, program analysis, and software engineering methods to solve binary code fingerprinting problems, which are highly relevant to cybersecurity and digital forensics applications. The above-mentioned techniques are cautiously designed to gain satisfactory levels of efficiency and accuracy. Researchers working in academia, industry and governmental agencies focusing on Cybersecurity will want to purchase this book. Software engineers and advanced-level students studying computer science, computer engineering and software engineering will also want to purchase this book.

Download or read book Scalable detection of software refactoring written by Narcisa Andreea Milea and published by . This book was released on 2015 with total page 0 pages. Available in PDF, EPUB and Kindle. Book excerpt:

Download or read book Model Driven Engineering Languages and Systems written by Jon Whittle and published by Springer. This book was released on 2011-10-12 with total page 749 pages. Available in PDF, EPUB and Kindle. Book excerpt: This book constitutes the refereed proceedings of the 14th International Conference on Model Driven Engineering Languages and Systems, MODELS 2011, held in Wellington, New Zealand, in October 2011. The papers address a wide range of topics in research (foundations track) and practice (applications track). For the first time a new category of research papers, vision papers, are included presenting "outside the box" thinking. The foundations track received 167 full paper submissions, of which 34 were selected for presentation. Out of these, 3 papers were vision papers. The application track received 27 submissions, of which 13 papers were selected for presentation. The papers are organized in topical sections on model transformation, model complexity, aspect oriented modeling, analysis and comprehension of models, domain specific modeling, models for embedded systems, model synchronization, model based resource management, analysis of class diagrams, verification and validation, refactoring models, modeling visions, logics and modeling, development methods, and model integration and collaboration.

Download or read book Engineering Secure Software and Systems written by Juan Caballero and published by Springer. This book was released on 2016-03-28 with total page 280 pages. Available in PDF, EPUB and Kindle. Book excerpt: This book constitutes the refereed proceedings of the 8th International Symposium on Engineering Secure Software and Systems, ESSoS 2016, held in London, UK, in April 2016. The 13 full papers presented together with 3 short papers and 1 invited talk were carefully reviewed and selected from 50 submissions. The goal of this symposium, is to bring together researchers and practitioners to advance the states of the art and practice in secure software engineering. The presentations and associated publications at ESSoS 2016 contribute to this goal in several directions: First, by improving methodologies for secure software engineering (such as flow analysis and policycompliance). Second, with results for the detection and analysis of software vulnerabilities and the attacks they enable. Finally, for securing software for specific application domains (such as mobile devices and access control).

Download or read book Theoretical Aspects of Software Engineering written by Cristina David and published by Springer Nature. This book was released on 2023-06-26 with total page 375 pages. Available in PDF, EPUB and Kindle. Book excerpt: This book constitutes the proceedings of the 17th International Conference on Theoretical Aspects of Software Engineering, TASE 2023, held in Bristol, UK, July 4–6, 2023. The 19 full papers and 2 short papers included in this book were carefully reviewed and selected from 49 submissions. They cover the following areas: distributed and concurrent systems; cyber-physical systems; embedded and real-time systems; object-oriented systems; quantum computing; formal verification and program semantics; static analysis; formal methods; verification and testing for AI systems; and AI for formal methods.