Reducing the Attack Surface
نویسندگان
چکیده
منابع مشابه
Reducing the X.509 Attack Surface with DNSSEC’s DANE
For the last decade, perhaps the most commonly used type of end-user security has been the HTTP Secure (HTTPS) protocol employed by web browsers (which runs over the Secure Sockets Layer, SSL or its successor, TLS). In HTTPS, any service (such as a website) may create its own cryptographic certificate to secure its communication channel, and clients use this certificate to verify data from, and...
متن کاملNTRU Prime: Reducing Attack Surface at Low Cost
Several ideal-lattice-based cryptosystems have been broken by recent attacks that exploit special structures of the rings used in those cryptosystems. The same structures are also used in the leading proposals for post-quantum lattice-based cryptography, including the classic NTRU cryptosystem and typical Ring-LWE-based cryptosystems. This paper (1) proposes NTRU Prime, which tweaks NTRU to use...
متن کاملMeasuring COOP Attack Surface Reduction
Nowadays control-flow hijacking attacks represents the highest software-based security threat [16]. We want to develop a tool that can measure the exact attack surface reduction w.r.t. the attack, Counterfeit Object-Oriented Programming (COOP) [8]. This attack is particularly hard to defend against since traditional Control Flow Integrity (CFI) [1] approaches and hardware based shadow stacks [1...
متن کاملMeasuring a system's attack surface
We propose a metric to determine whether one version of a system is relatively more secure than another with respect to the system's attack surface. Intuitively, the more exposed the attack surface, the more likely the system could be successfully attacked, and hence the more insecure it is. We define an attack surface in terms of the system's actions that are externally visible to its users an...
متن کاملRisk-Based Attack Surface Approximation
In our increasingly interconnected world, software security is an increasingly important issue for development teams. However, there is too much security work to do for these teams as security needs have out-scaled security resources. To help prioritize security efforts, professionals use the attack surface of a system, or the sum of all paths for untrusted data into and out of a system, to ide...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Queue
سال: 2017
ISSN: 1542-7730,1542-7749
DOI: 10.1145/3155112.3161600