Zobrazeno 1 - 10
of 25
pro vyhledávání: '"RUEF, ANDREW"'
Autor:
Parker, James, Hicks, Michael, Ruef, Andrew, Mazurek, Michelle L., Levin, Dave, Votipka, Daniel, Mardziel, Piotr, Fulton, Kelsey R.
Typical security contests focus on breaking or mitigating the impact of buggy systems. We present the Build-it, Break-it, Fix-it (BIBIFI) contest, which aims to assess the ability to securely build software, not just break it. In BIBIFI, teams build
Externí odkaz:
http://arxiv.org/abs/1907.01679
Publikováno v:
11th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (FSE), pages 605--615. ACM, 2017
Numerical invariants, e.g., relationships among numerical variables in a program, represent a useful class of properties to analyze programs. General polynomial invariants represent more complex numerical relations, but they are often required in man
Externí odkaz:
http://arxiv.org/abs/1903.12113
Publikováno v:
Proceedings of the ACM Conference on Computer and Communications Security (CCS) 2018
Fuzz testing has enjoyed great success at discovering security critical bugs in real software. Recently, researchers have devoted significant effort to devising new fuzzing techniques, strategies, and algorithms. Such new ideas are primarily evaluate
Externí odkaz:
http://arxiv.org/abs/1808.09700
Numeric static analysis for Java has a broad range of potentially useful applications, including array bounds checking and resource usage estimation. However, designing a scalable numeric static analysis for real-world Java programs presents a multit
Externí odkaz:
http://arxiv.org/abs/1802.08927
Autor:
Stevens, Rock, Suciu, Octavian, Ruef, Andrew, Hong, Sanghyun, Hicks, Michael, Dumitraş, Tudor
Governments and businesses increasingly rely on data analytics and machine learning (ML) for improving their competitive edge in areas such as consumer satisfaction, threat intelligence, decision making, and product efficiency. However, by cleverly c
Externí odkaz:
http://arxiv.org/abs/1701.04739
A major challenge in cyber-threat analysis is combining information from different sources to find the person or the group responsible for the cyber-attack. It is one of the most important technical and policy challenges in cyber-security. The lack o
Externí odkaz:
http://arxiv.org/abs/1607.02171
Autor:
Ruef, Andrew, Hicks, Michael, Parker, James, Levin, Dave, Mazurek, Michelle L., Mardziel, Piotr
Typical security contests focus on breaking or mitigating the impact of buggy systems. We present the Build-it Break-it Fix-it BIBIFI contest which aims to assess the ability to securely build software not just break it. In BIBIFI teams build specifi
Externí odkaz:
http://arxiv.org/abs/1606.01881
Attributing the culprit of a cyber-attack is widely considered one of the major technical and policy challenges of cyber-security. The lack of ground truth for an individual responsible for a given attack has limited previous studies. Here, we overco
Externí odkaz:
http://arxiv.org/abs/1507.01922
We hear it all too often in the media: an organization is attacked, its data, often containing personally identifying information, is made public, and a hacking group emerges to claim credit. In this excerpt, we discuss how such groups operate and de
Externí odkaz:
http://arxiv.org/abs/1501.05990
Along with the USA and Russia, China is often considered one of the leading cyber-powers in the world. In this excerpt, we explore how Chinese military thought, developed in the 1990s, influenced their cyber-operations in the early 2000s. In particul
Externí odkaz:
http://arxiv.org/abs/1309.6450