    Software-based reference protection for component isolation.

    Reference protection mechanisms are commonly used to isolate and to provide protection for components that execute within a shared run-time environment. These mechanisms often incur an overhead due to maintaining the isolation or introduce inefficiencies in the communication between the components. Past research operated under the assumption that some performance loss is an acceptable price for the added security that comes with better isolation. This thesis sets out to demonstrate that good isolation does not imply performance loss. While numerous models for implementing reference protection have been suggested, there is a lack of a unified terminology that allows the comparison of systems from across the domain. This thesis presents a classification framework that captures the trade-offs present in the design of reference protection. It identifies four main models of reference protection: complete isolation, where components do not share references to objects; object sharing, where components can share data while still maintaining private, unshared data; partial isolation, where components have private, unshared data and an exposed interface that allows other components indirect access to the private data; and initial isolation, where components are isolated when created, but the model allows the programmer to share references without restriction. Applying the classification to systems providing reference protection identifies a gap in the prior research. Partial isolation promises the level of security expected from component isolation combined with efficient communication. Yet, the only implementation of partial isolation of components uses expensive run-time checks to enforce the protection. To bridge this gap, this thesis presents the Exported Types design. Exported Types is a type system design that enforces partial isolation at compile time. Using compile-time checks removes the run-time overhead of enforcing the protection model. 
The design is applied to a meta-circular Java virtual machine to isolate the virtual machine code from the application. Applying reference protection in this scenario reduces the number of classes the virtual machine exposes to the application by two orders of magnitude. Performance tests demonstrate that reference protection, and the higher security it provides, are achieved at no performance cost. Thesis (Ph.D.) -- University of Adelaide, School of Computer Science, 201

    Going Beyond Counting First Authors in Author Co-citation Analysis

    The present study examines one of the fundamental aspects of author co-citation analysis (ACA) - the way co-citation counts are defined. Co-citation counting provides the data on which all subsequent statistical analyses and mappings are based, and we compare ACA results based on two different types of co-citation counting - the traditional type that only counts the first one among a cited work's authors on the one hand and a non-traditional type that takes into account the first 5 authors of a cited work on the other hand. Results indicate that the picture produced through this non-traditional author co-citation counting contains more coherent author groups and is therefore considerably clearer. However, this picture represents fewer specialties in the research field being studied than that produced through the traditional first-author co-citation counting when the same number of top-ranked authors is selected and analyzed. Reasons for these effects are discussed

    Browser-Based Microarchitectural Side-Channel Attacks

    Web browsers have become a critical component of the modern computing ecosystem. They execute code from websites to enable rich interactions; however, this capability can be exploited by malicious websites to launch attacks directly on user devices. The risk is further amplified by microarchitectural side-channel attacks, which leverage hardware characteristics to leak sensitive data. Although comprehensive theoretical countermeasures exist, they are often impractical for use across entire browsers. As a result, browser vendors have resorted to implementing ad-hoc countermeasures to address these threats. This issue raises the central question of this thesis: Are these ad-hoc countermeasures effective in protecting users against microarchitectural side-channel attacks? To answer this question, the thesis investigates and implements microarchitectural variants of four attack types: website fingerprinting, pixel stealing, memory disclosure, and reduced-round encryption attacks. The thesis begins by investigating the underlying causes of leakage in three recent microarchitectural website-fingerprinting attacks. The findings reveal that multiple independent sources contribute to the observed leakage, each leaking sufficient information to enable website fingerprinting. These results suggest that effective protection requires comprehensive and multi-faceted countermeasures. The thesis then introduces two attacks: Pixel Thief and Spook.js, both of which are practical, end-to-end microarchitectural attacks implemented in JavaScript and capable of targeting modern browsers. Pixel Thief is a cache-based pixel-stealing attack that leverages data-dependent memory access patterns in Scalable Vector Graphics filters to recover portions of rendered webpages. Spook.js is a memory disclosure attack that exploits transient type confusion to access arbitrary process memory. 
Together, these attacks demonstrate that previous mitigation efforts against microarchitectural threats are insufficient. Finally, the thesis presents a proof-of-concept (PoC) attack against controlled leakage in security type systems through a reduced-round encryption attack on the Advanced Encryption Standard (AES). Security type systems enable developers to annotate secret values, allowing the compiler to automatically enforce protections against leakage. These systems often assume sequential execution; however, modern processors exhibit out-of-order execution. The PoC attack exploits this mismatch in execution semantics to leak secret values by triggering controlled leakage earlier than the developer intended. While this thesis shows that ad-hoc countermeasures have been insufficient, it does not claim they are ineffective. The attacks presented here have had reduced impact, required more sophisticated implementation techniques, and required stronger assumptions of adversarial capabilities, demonstrating the efficacy of these countermeasures. Furthermore, this work has also informed browser vendors and website operators in the development of new countermeasures that further reduce the threat posed by microarchitectural attacks. Thesis (Ph.D.) -- University of Adelaide, School of Computer and Mathematical Sciences, 202

    Fuzz Driver Generation

    Poor software quality has led to tremendous costs and safety disasters; thus, software defects make the news with alarming regularity. Fuzzing is a bug detection technique. In particular, it is a software testing method where a stream of random input is sent to an application to stress the application and cause unexpected behaviour, resource leaks or crashes. When it comes to fuzzing software libraries, a fuzz driver plays an important role because it is the binder between the fuzzer and the target program. Traditionally, fuzzing was used in closed-source platforms, and it is also used to find vulnerabilities in kernels. However, recent developments show that fuzzing is now applied to open-source libraries. This research study analyses the role of a fuzz driver in the domain of fuzzing to recognise its importance, applications, techniques, challenges and future directions. This study intends to explore the state-of-the-art fuzz driver development strategies and identify trends in research and areas of potential improvements. We identified that fuzz driver generation is mainly seen as a minor activity in fuzzing research. It was evident that the development of a fuzz driver is laborious and time-consuming in nature, but multiple innovative methodologies have been adopted in recent years to ease this task. There are three main techniques to develop a fuzz driver: software developers manually writing a fuzz driver, semi-automatic generation of a fuzz driver through human-in-the-loop approaches and fully automatic generation of a fuzz driver. This research study evaluates these techniques through case studies and empirical analysis to recognise the best state-of-the-art fuzz driver generation strategy available for researchers and software testers. Our results show that manually developed fuzz drivers still outperform other methodologies in terms of performance, but our results show how other methodologies could surpass their performance levels. 
Furthermore, this study analyses the effect of varying complexity levels of target functions on the performance of the fuzzing campaigns initiated through multiple fuzz driver generation techniques. Thesis (MPhil) -- University of Adelaide, School of Computer Science, 202

    Variations on the Author

    “Variations on the Author” discusses two of Eduardo Coutinho’s recent films (Um Dia na Vida, from 2010, and Últimas Conversas, posthumously released in 2015) and their contribution to the general question of documentary authorship. The director’s filmography is characterized by a consistent yet self-effacing form of authorial self-inscription: Coutinho often features as an interviewer that rather than express opinions propels discourses; an interviewer that is good at listening. This mode of self-inscription characterizes him as an author who is not expressive but who is nonetheless markedly present on the screen. In Um Dia na Vida, however, Coutinho is completely absent from the image, while Últimas Conversas, on the contrary, includes a confessional prologue that moves the director from the margins to the center of his films. This article examines the ways in which these works stand out in the filmography of a director who offers new insights into the notion of cinematic authorship.

    Enterprise security architecture - mythology or methodology?

    Security is a complex issue for organisations, with its management now a fiduciary responsibility as well as a moral one. Organisational security, such as computer security, human security, access control, risk management, etc., is conducted in separate business units, creating a silo effect. A cohesive and holistic approach is required to mitigate the risk of security breaches and parts of the business not monitored by any silo. Without a holistic robust structure, the assets of an organisation are at critical risk. Enterprise architecture (EA) is a strong and reliable structure that has been tested and used effectively for designing, building, and managing organisations globally for at least 30 years. Grouping security with EA promises to leverage the benefits of EA in the security domain. Through a review of existing security frameworks, this work evaluates the extent to which they employ EA and determines there is a need for developing a comprehensive solution. This research designs, develops, evaluates and demonstrates a security EA framework for organisations regardless of their industry, budgetary constraints or size. The framework is developed from the Zachman framework 2013 Version 3.0 because it is the most complete, most referenced in our frameworks review, and historically the methodology that is chosen by others to base their frameworks on. The results support the need for a holistic security structure and indicate benefits including reduction of security gaps, improved security investment decisions, clear functional responsibilities and a complete security nomenclature and international security standard compliance among others. This research bridges the gap and changes the way we fundamentally view security in an organisation, from individual silo capabilities to a holistic security eco-system with highly interdependent primitive security models. Thesis (Ph.D.) -- University of Adelaide, School of Computer Science, 202

    Appropriate Similarity Measures for Author Cocitation Analysis

    We provide a number of new insights into the methodological discussion about author cocitation analysis. We first argue that the use of the Pearson correlation for measuring the similarity between authors’ cocitation profiles is not very satisfactory. We then discuss what kind of similarity measures may be used as an alternative to the Pearson correlation. We consider three similarity measures in particular. One is the well-known cosine. The other two similarity measures have not been used before in the bibliometric literature. Finally, we show by means of an example that our findings have a high practical relevance. Keywords: information science; Pearson correlation; cosine; similarity measure; author cocitation analysis