Zobrazeno 1 - 10
of 16
pro vyhledávání: '"Householder, Allen"'
This paper explores how the current paradigm of vulnerability management might adapt to include machine learning systems through a thought experiment: what if flaws in machine learning (ML) were assigned Common Vulnerabilities and Exposures (CVE) ide
Externí odkaz:
http://arxiv.org/abs/2101.10865
Attacks such as the one that compromised the control systems for Iranian centrifuges demonstrate a growing need to improve the design of security in cyber-physical systems. While much of the work on security has focused on coding, many of the common
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::3c8432567208d68fa9ea4ca845cdb7b4
Autor:
Householder, Allen
The Coordinated Vulnerability Disclosure (CVD) process addresses a human coordination problem that spans individuals and organizations. In this report, we propose a formal protocol specification for Multi-Party Coordinated Vulnerability Disclosure (M
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::10321f8d9de4bd20f365f05b9fbc3cef
Autor:
Householder, Allen, Spring, Jonathan
Coordinated Vulnerability Disclosure (CVD) stands as a consensus response to the persistent fact of vulnerable software, yet few performance indicators have been proposed to measure its efficacy at the broadest scales. In this report, we seek to fill
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::095d2fbbb61297eeffa52e9a7b75d6dc
Cybersecurity Information Sharing: Analysing an Email Corpus of Coordinated Vulnerability Disclosure
Publikováno v:
Sridhar, K, Householder, A, Spring, J & Woods, D W 2021, ' Cybersecurity Information Sharing: Analysing an Email Corpus of Coordinated Vulnerability Disclosure ', Paper presented at The 20th Annual Workshop on the Economics of Information Security, 28/06/21-29/06/21 . < https://weis2021.econinfosec.org/wp-content/uploads/sites/9/2021/06/weis21-sridhar.pdf >
Information sharing is widely held to improve cybersecurity outcomes whether its driven by market forces or by cooperation among firms and individuals. Formal institutions may be established to facilitate cooperative information sharing. This paper p
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::172fae4904384852c91335c2f5a0c39c
Publikováno v:
Digital Threats: Research & Practice; Dec2022, Vol. 3 Issue 4, p1-28, 28p
Security vulnerabilities remain a problem for vendors and deployers of software-based systems alike. Vendors play a key role by providing fixes for vulnerabilities, but they have no monopoly on the ability to discover vulnerabilities in their product
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::5bf0e21c9e64099d5f4bb76749327c73
Akademický článek
Tento výsledek nelze pro nepřihlášené uživatele zobrazit.
K zobrazení výsledku je třeba se přihlásit.
K zobrazení výsledku je třeba se přihlásit.
Autor:
Householder, Allen
Mutational input testing (fuzzing, and in particular dumb fuzzing) is an effective technique for discovering vulnerabilities in software. However, many of the bitwise changes in fuzzed input files are not relevant to the actual software crashes found
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::07f1e234093599b4f22928e267507d49
Autor:
Householder, Allen, Foote, Jonathan M
Dynamic, randomized-input functional testing, or black-box fuzz testing, is an effective technique for finding security vulnerabilities in software applications. Parameters for an invocation of black-box fuzz testing generally include known-good inpu
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::66831a102d3726d76d875a2d9cad556e