Abstract
Understanding complexity and feedback in security models highlights the need for better failure modes in solutions.
- RD ([email protected]). Writing Linux Kernel Keylogger. Phrack 11, 59 (June 2002); www.phrack.org/phrack/59/p59-0x0e.txt.Google Scholar
- Schneier, B. Secrets & Lies: Digital Security in a Networked World. Wiley Computer Publishing, New York, 2000. Google ScholarDigital Library
- Wang, Y.-M. Strider HoneyMonkeys: Active client-side honeypots for finding Web sites that exploit browser vulnerabilities. Part of Works in Progress at the 14th Usenix Security Symposium (Baltimore, July 31--Aug. 5, 2005); www.usenix.org/events/sec05/wips/wang.pdf and research.microsoft.com/HoneyMonkey/.Google Scholar
- Melstorm ([email protected]). Trust Transience: Post-Intrusion SSH Hijacking Melstorm. Presentation at Defcon 14 (Las Vegas, Aug. 4--6, 2005); opensores.thebunker.net/pub/mirrors/blackhat/presentations/bh-usa-05/BH_US_05-Boileau/metlstorms_sshjack-1.02.tar.gz.Google Scholar
Index Terms
- How to think about security failures
Recommendations
Understanding failures through facts
ESEC/FSE '11: Proceedings of the 19th ACM SIGSOFT symposium and the 13th European conference on Foundations of software engineeringWhy does my program crash?"--This ever recurring question of software debugging drives the developer during the analysis of the failure. Complex defects are impossible to automatically identify; this can only be left to human judgment. But what we can ...
Uniform Agreement Despite Process Omission Failures
IPDPS '03: Proceedings of the 17th International Symposium on Parallel and Distributed ProcessingA process fails by omission if it "forgets" to send or receive messages. Considering omission failures is crucial for distributed systems, as such failures model both crash failures and incorrect behavior of process input/output buffers (such as buffer ...
Comments