標題: Titlebook: Engineering Secure Software and Systems; 9th International Sy Eric Bodden,Mathias Payer,Elias Athanasopoulos Conference proceedings 2017 Sp [打印本頁] 作者: Auditory-Nerve 時間: 2025-3-21 16:48
書目名稱Engineering Secure Software and Systems影響因子(影響力)
書目名稱Engineering Secure Software and Systems影響因子(影響力)學(xué)科排名
書目名稱Engineering Secure Software and Systems網(wǎng)絡(luò)公開度
書目名稱Engineering Secure Software and Systems網(wǎng)絡(luò)公開度學(xué)科排名
書目名稱Engineering Secure Software and Systems被引頻次
書目名稱Engineering Secure Software and Systems被引頻次學(xué)科排名
書目名稱Engineering Secure Software and Systems年度引用
書目名稱Engineering Secure Software and Systems年度引用學(xué)科排名
書目名稱Engineering Secure Software and Systems讀者反饋
書目名稱Engineering Secure Software and Systems讀者反饋學(xué)科排名
作者: stroke 時間: 2025-3-22 00:00
,A Voucher-Based Security Middleware for?Secure Business Process Outsourcing,between federated and heterogeneous workflow engines. However, state-of-the-art workflow engines fall short of a distributed authorisation mechanism for this heterogeneous, federated BPO setting..In a cross-organisational context, the security requirements involve (i) delegation and verification of 作者: LOPE 時間: 2025-3-22 00:56
LASARUS: Lightweight Attack Surface Reduction for Legacy Industrial Control Systems,m an interconnected world. It is well-known that attackers can read and write sensor and actuator data from Programmable Logic Controllers (PLCs) as legacy ICS offer little means of protection. Replacing such legacy ICS is expensive, requires extensive planning and a major programme of updates often作者: 修飾 時間: 2025-3-22 05:01
Exploring the Relationship Between Architecture Coupling and Software Vulnerabilities,l. However, the few studies looking at software architecture and vulnerabilities are limited in scope and findings. We explore the relationship between software vulnerabilities and component metrics (like code churn and cyclomatic complexity), as well as architecture coupling metrics (direct, indire作者: 啤酒 時間: 2025-3-22 08:49
Natural Language Insights from Code Reviews that Missed a Vulnerability,vulnerabilities in software. Code reviewing is one such approach which has been instrumental in improving the overall quality of a software system. In a typical code review, developers critique a proposed change to uncover potential vulnerabilities. Despite best efforts by developers, some vulnerabi作者: Nostalgia 時間: 2025-3-22 16:26 作者: Nostalgia 時間: 2025-3-22 17:36 作者: 充滿人 時間: 2025-3-22 21:52 作者: 挑剔為人 時間: 2025-3-23 04:13
Idea-Caution Before Exploitation: The Use of Cybersecurity Domain Knowledge to Educate Software Engnd feasibility. Possible mechanisms for the transfer are critically examined. Software engineering methodologies do not make use of security domain knowledge in its form of vulnerability databases (e.g. CWE, CVE, Exploit DB), which are therefore not appropriate for this purpose. An approach based up作者: jarring 時間: 2025-3-23 06:24 作者: Carcinoma 時間: 2025-3-23 10:13
KASLR is Dead: Long Live KASLR, While kernel security relies fundamentally on preventing access to address information, recent attacks have shown that the hardware directly leaks this information. Strictly splitting kernel space and user space has recently been proposed as a theoretical concept to close these side channels. Howev作者: connoisseur 時間: 2025-3-23 15:26 作者: 容易懂得 時間: 2025-3-23 22:02
,A Formal Approach to Exploiting Multi-stage Attacks Based on File-System Vulnerabilities of?Web Appilities and SQL-Injection vulnerabilities for complex, multi-stage attacks. We have developed an automatic tool that implements our approach and we show its efficiency by discussing four real-world case studies, which are witness to the fact that our tool can generate, and exploit, attacks that, to 作者: Crohns-disease 時間: 2025-3-23 22:54 作者: A精確的 時間: 2025-3-24 03:30
Idea: A Unifying Theory for Evaluation Systems,upport of such a unifying theory comes a model for . (SES), which offers innovative common grounds to understand all four groups. For example, all rest on ., respectively votes, test answers, bids and papers, which are to be . and ultimately ranked. A taxonomy for all groups is advanced to provide a作者: 富饒 時間: 2025-3-24 08:49 作者: 人類 時間: 2025-3-24 12:46
The Disabled Body in Contemporary Artum vulnerabilities to empirically analyze the linguistic features. We found that code reviews with lower inquisitiveness, higher sentiment, and lower complexity were more likely to miss a vulnerability. We used a Na?ve Bayes classifier to assess if the words (or lemmas) in the code reviews could dif作者: metropolitan 時間: 2025-3-24 16:32 作者: 努力趕上 時間: 2025-3-24 20:28 作者: progestin 時間: 2025-3-25 01:06
The Discourse of Business Meetings kernel addresses while running in user mode. We show that . protects against double page fault attacks, prefetch side-channel attacks, and TSX-based side-channel attacks. Finally, we demonstrate that . has a runtime overhead of only ..作者: 褲子 時間: 2025-3-25 03:28 作者: 壓迫 時間: 2025-3-25 08:57
LASARUS: Lightweight Attack Surface Reduction for Legacy Industrial Control Systems,ARUS, a lightweight approach that can be implemented on legacy PLCs to reduce their attack surface, making it harder for an attacker to learn system behaviour and craft useful attacks. Our approach involves applying obfuscation to PLC data whenever it is stored or accessed which leads to a continuou作者: MEET 時間: 2025-3-25 14:57 作者: Arthropathy 時間: 2025-3-25 17:53 作者: aerial 時間: 2025-3-25 20:25 作者: 廚房里面 時間: 2025-3-26 04:03
KASLR is Dead: Long Live KASLR, kernel addresses while running in user mode. We show that . protects against double page fault attacks, prefetch side-channel attacks, and TSX-based side-channel attacks. Finally, we demonstrate that . has a runtime overhead of only ..作者: 摻假 時間: 2025-3-26 07:02
,: A Binary Solution for Switch-Case Recovery,naries, including malware and firmware. For . binaries, our results approach those of IDA Pro when IDA has symbols (which is generally not the case), while for . binaries we outperform IDA Pro with debug symbols by orders of magnitude: IDA finds 11 of 828 switch statements implemented as jump tables作者: 有機體 時間: 2025-3-26 08:32
The Direction of Literary Theoryle this approach has been well-established for request-response applications, it is not supported for database queries of data-driven applications, especially for attribute-based policies. In particular, search operations for such applications involve poor scalability with regard to the data set siz作者: ASSET 時間: 2025-3-26 13:30 作者: 睨視 時間: 2025-3-26 18:43
https://doi.org/10.1007/978-1-349-01488-0m an interconnected world. It is well-known that attackers can read and write sensor and actuator data from Programmable Logic Controllers (PLCs) as legacy ICS offer little means of protection. Replacing such legacy ICS is expensive, requires extensive planning and a major programme of updates often作者: Saline 時間: 2025-3-26 22:02
https://doi.org/10.1007/978-1-349-07014-5l. However, the few studies looking at software architecture and vulnerabilities are limited in scope and findings. We explore the relationship between software vulnerabilities and component metrics (like code churn and cyclomatic complexity), as well as architecture coupling metrics (direct, indire作者: Pelago 時間: 2025-3-27 03:01 作者: Spangle 時間: 2025-3-27 09:14
The Disabled Body in Contemporary Art sanitization focuses on vulnerability detection and sanitization correctness, leaving the burden of sanitizer placement with the developers. However, manual sanitizer placement is complex in realistic applications. Moreover, the automatic placement strategies presented in the literature do not opti作者: 流出 時間: 2025-3-27 11:36
nterfaces are sufficient to build a fingerprint that is statistically unique and very stable over time. Consequently, the fingerprint can be used to track users. Our work aims at mitigating the risk of browser fingerprinting for users privacy by ‘breaking’ the stability of a fingerprint over time. W作者: 悄悄移動 時間: 2025-3-27 17:38
https://doi.org/10.1057/9780230373334t more than 90% of Alexa top 500 websites?[.] contain third party content that is tracking its users across the web. Website developers often need to include third party content in order to provide basic functionality. However, when a developer includes a third party content, she cannot know whether作者: 袋鼠 時間: 2025-3-27 20:25
G. A. Fletcher B.A., M.Sc. (Econ.)nd feasibility. Possible mechanisms for the transfer are critically examined. Software engineering methodologies do not make use of security domain knowledge in its form of vulnerability databases (e.g. CWE, CVE, Exploit DB), which are therefore not appropriate for this purpose. An approach based up作者: Cumbersome 時間: 2025-3-27 21:58
The Discourse Trap and the US Militarywer and flexibility of ROP attacks was recently demonstrated using . ROP tactics (.), whereby an adversary repeatedly leverages a memory disclosure vulnerability to identify useful instruction sequences and compile them into a functional ROP payload at runtime. Since the advent of just-in-time code 作者: uveitis 時間: 2025-3-28 03:42
The Discourse of Business Meetings While kernel security relies fundamentally on preventing access to address information, recent attacks have shown that the hardware directly leaks this information. Strictly splitting kernel space and user space has recently been proposed as a theoretical concept to close these side channels. Howev作者: 松馳 時間: 2025-3-28 08:21 作者: fledged 時間: 2025-3-28 11:47 作者: 易碎 時間: 2025-3-28 17:36
https://doi.org/10.1057/9780230316539ed in AES implementations for storing precomputed results provide speedup for encryption and decryption. How such lookup tables are used is known to affect the vulnerability to side channels, but the concrete effects in actual AES implementations are not yet sufficiently well understood. In this art作者: 紀念 時間: 2025-3-28 19:18
Malcolm N. MacDonald,Duncan Hunterupport of such a unifying theory comes a model for . (SES), which offers innovative common grounds to understand all four groups. For example, all rest on ., respectively votes, test answers, bids and papers, which are to be . and ultimately ranked. A taxonomy for all groups is advanced to provide a作者: 固定某物 時間: 2025-3-28 23:53
Eric Bodden,Mathias Payer,Elias AthanasopoulosIncludes supplementary material: 作者: ECG769 時間: 2025-3-29 04:24 作者: 柳樹;枯黃 時間: 2025-3-29 09:07
Conference proceedings 2017?Germany in July 2017. The 12 full papers presented togetherwith 3 short papers were carefully reviewed and selected from 32 submissions.?.The goal of this symposium is to bring together researchers and practitioners toadvance the states of the art and practice in secure software engineering..作者: conception 時間: 2025-3-29 11:33
https://doi.org/10.1007/978-3-319-62105-0Data security; Semantics; Software engineering; Computer architecture; Cloud security; Mobile devices sec作者: hankering 時間: 2025-3-29 15:43
978-3-319-62104-3Springer International Publishing AG 2017作者: 阻礙 時間: 2025-3-29 23:13 作者: Foreknowledge 時間: 2025-3-30 00:06 作者: 騷動 時間: 2025-3-30 07:30
The Direction of Literary Theoryhat performs runtime injection of the appropriate rules into the original search query, so that the result set of the search includes only items to which the subject is entitled. Our evaluation shows that our method scales far better than current state of practice approach that supports policy-based access control.作者: Halfhearted 時間: 2025-3-30 11:48
https://doi.org/10.1057/9780230373334ny third-party content, thus trading functionality for privacy. We describe and implement a privacy-preserving web architecture that gives website developers a control over third party tracking: developers are able to include functionally useful third party content, the same time ensuring that the end users are not tracked by the third parties.作者: 鑲嵌細工 時間: 2025-3-30 14:54
SEQUOIA: Scalable Policy-Based Access Control for Search Operations in Data-Driven Applications,hat performs runtime injection of the appropriate rules into the original search query, so that the result set of the search includes only items to which the subject is entitled. Our evaluation shows that our method scales far better than current state of practice approach that supports policy-based access control.作者: etiquette 時間: 2025-3-30 19:48
