John Bethencourt, Dawn Song, Brent Waters
A system for private stream searching, introduced by Ostrovsky and Skeith, allows a client to provide an untrusted server with an encrypted search query. The server uses the query on a stream of...
Limits of Learning-based Signature Generation with Adversaries (2009)
Shobha Venkataraman, Avrim Blum, Dawn Song
Automatic signature generation is necessary because there may often be little time between the discovery of a vulnerability, and exploits developed to target the vulnerability. Much research effort...
In this paper, we describe our new results in developing and extending Automatic Protocol Generation (APG), an approach to automatically generate security protocols. We explore two-party mutual...
Analysis-Resistant Malware (2009)
John Bethencourt, Dawn Song, Brent Waters
Traditionally, techniques for computing on encrypted data have been proposed with privacy preserving applications in mind. Several current cryptosystems support a homomorphic...
Exploiting Network Structure for Proactive Spam Mitigation (2009)
Shobha Venkataraman, Subhabrata Sen, Oliver Spatscheck, Patrick Haffner, Dawn Song
E-mail has become indispensable in today’s networked society. However, the huge and ever-growing volume of spam has become a serious threat to this important communication medium. It not only...
Debin Gao, Michael K. Reiter, Dawn Song
Many host-based anomaly detection systems monitor a process by observing the system calls it makes, and comparing these calls to a model of behavior for the program that the process should be...
Black box anomaly detection: is it utopian? (2008)
Shobha Venkataraman, Juan Caballero, Dawn Song, Avrim Blum, Jennifer Yates
Automatic identification of anomalies on network data is a problem of fundamental interest to ISPs to diagnose incipient problems in their networks. ISPs gather diverse data sources from the network...
Detecting Stealthy Spreaders Using Online Outdegree Histograms (2008)
Yan Gao, Yao Zhao, Robert Schweller, Shobha Venkataraman, Yan Chen, Dawn Song, ...
We consider the problem of detecting the presence of a sufficiently large number of hosts that connect to more than a certain number of unique destinations within a given time window, over high-speed...
Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications (2008)
David Brumley, Pongsin Poosankam, Dawn Song, Jiang Zheng
The automatic patch-based exploit generation problem is: given a program P and a patched version of the program P′, automatically generate an exploit for the potentially unknown vulnerability...
Exploiting Network Structure for Proactive Spam Mitigation (2008)
Shobha Venkataraman, Subhabrata Sen, Oliver Spatscheck, Patrick Haffner, Dawn Song
E-mail has become indispensable in today’s networked society. However, the huge and ever-growing volume of spam has become a serious threat to this important communication medium. It not only...
Analysis-Resistant Malware (2008)
Traditionally, techniques for computing on encrypted data have been proposed with privacy preserving applications in mind. Several current cryptosystems support a homomorphic operation, allowing...
Towards Attack-Agnostic Defenses (2008)
Internet attackers control hundreds of thousands to perhaps millions of computers, which they can use for a variety of different attacks. Common attacks include spam delivery, phishing, and DDoS. The...
A First Step towards the Automatic Generation of Security Protocols (2008)
This paper describes automatic protocol generation (APG for short), a novel mechanism to generate security protocols automatically. With APG, the protocol designer inputs the specification of the...
Juan Caballero, Theocharis Kampouris, Dawn Song, Jia Wang
Today’s Internet routing infrastructure exhibits high homogeneity. This constitutes a serious threat to the resilience of the network, since a bug or security vulnerability in an implementation...
Adrian Perrig, Dawn Song, Sean Smith, J. D. Tygar
Increasing numbers of economic transactions are conducted through on-line auctions. Nevertheless, most current auction implementations fail to address important security concerns. In particular, most...
The TESLA Broadcast Authentication Protocol (2008)
Adrian Perrig, Ran Canetti, J. D. Tygar, Dawn Song
One of the main challenges of securing broadcast communication is source authentication, or enabling receivers of broadcast data to verify that the received data really originates from the claimed...
Verifying Server Computation (2008)
Abstract. In many scenarios, clients receive the results of computation which has been performed by a remote server. An example of such a setting is the third-party publishing model, in which a...
Message representation through a tree structure (2008)
Adrian Perrig, Dawn Song
Usually ad-hoc, lacking formalism. Hidden assumptions weaken security. Error-prone. A Classic Example: Needham-Schroeder public key authentication protocol [NS78], in which Gavin Lowe...
Automatically Identifying Trigger-based Behavior in (2008)
David Brumley, Cody Hartwig, Zhenkai Liang, James Newsome, Dawn Song, Heng Yin
Malware often contains hidden behavior which is only activated when properly triggered. Well known examples include: the MyDoom worm which DDoS’s on particular dates, keyloggers which only log...
Sting: An End-to-End Self-Healing System for Defending against Internet Worms (2008)
David Brumley, James Newsome, Dawn Song
We increasingly rely on highly available systems in all areas of society, from the economy, to military, to the government. Unfortunately, much software, including critical applications, contains...
StackPi: New Packet Marking and Filtering Mechanisms for DDoS and IP Spoofing Defense (2008)
Abraham Yaar, Adrian Perrig, Dawn Song
Today’s Internet hosts are threatened by large scale Distributed Denial-of-Service (DDoS) attacks. The Path Identification (Pi) DDoS defense scheme has been recently proposed as a deterministic...
David Brumley, Hao Wang, Somesh Jha, Dawn Song
In particular, we need automatic techniques which generate sound signatures—signatures which will not mistakenly block legitimate traffic or raise false alarms. In addition, we need signatures to have few...
SAM: A Flexible and Secure Auction Architecture Using Trusted Hardware (2008)
Adrian Perrig, Sean Smith, Dawn Song, J. D. Tygar
Increasing numbers of economic transactions are conducted through on-line auctions. Nevertheless, most current auction implementations fail to address important security concerns. In particular, most...
On Gray-Box Program Tracking for Anomaly Detection (2008)
Debin Gao, Michael K. Reiter, Dawn Song
Many host-based anomaly detection systems monitor a process ostensibly running a known program by observing the system calls the process makes. Numerous improvements to the precision of this approach...
Provable Data Possession at Untrusted Stores (2008)
Joseph Herring, Lea Kissner, Zachary Peterson, Dawn Song
We introduce a model for provable data possession (PDP) that allows a client that has stored data at an untrusted server to verify that the server possesses the original data without retrieving it....
SAM: A Flexible and Secure Auction Architecture Using Trusted Hardware (2008)
Adrian Perrig, Sean Smith, Dawn Song
Increasing numbers of economic transactions are conducted through on-line auctions. Nevertheless, most current auction implementations fail to address important security concerns. In...
Key Distribution Techniques For Sensor Networks (2008)
Haowen Chan, Adrian Perrig, Dawn Song
This chapter reviews several key distribution and key establishment techniques for sensor networks. We briefly describe several well known key establishment schemes, and provide a more detailed...
A Study of the Structure of the Web (2007)
Amol Deshpande, Randy Huang, Vijayshankar Raman, Tracy Riggs, Dawn Song, Lakshminarayanan Subramanian
The World Wide Web is a huge, growing repository of information on a wide range of topics. It is also becoming important, commercially and sociologically, as a place of human interaction within...
Scott Crosby, Ian Goldberg, Robert Johnson, Dawn Song, David Wagner
Abstract. We describe a weakness in the High Bandwidth Digital Content Protection (HDCP) scheme which may lead to practical attacks. HDCP is a proposed identity-based cryptosystem for use over the...
SAM: A Flexible and Secure Auction Architecture Using Trusted Hardware (2007)
Adrian Perrig, Dawn Song, Sean Smith, J. D. Tygar
Increasing numbers of economic transactions are conducted through on-line auctions. Nevertheless, most current auction implementations fail to address important security concerns. In particular, most...
SAM: A Flexible and Secure Auction Architecture Using Trusted Hardware (2007)
Adrian Perrig, Sean Smith, Dawn Song, J. D. Tygar
Increasing numbers of economic transactions are conducted through on-line auctions. Nevertheless, most current auction implementations fail to address important security concerns. In particular, most...
Robert Johnson, David Molnar, Dawn Song, David Wagner
Abstract. Privacy homomorphisms, encryption schemes that are also homomorphisms relative to some binary operation, have been studied for some time, but one may also consider the analogous problem of...
Scott Crosby, Ian Goldberg, Robert Johnson, Dawn Song, David Wagner
We describe a practical attack on the High Bandwidth Digital Content Protection (HDCP) scheme. HDCP is a proposed identity-based cryptosystem for use over the Digital Visual Interface bus, a consumer...
Mitigating Buffer Overflows (2007)
We propose three methods for mitigating buffer overflows by using operating system randomization: randomization of system call mappings, randomization of global library entry points, and randomization...
James Newsome, Elaine Shi, Dawn Song, Adrian Perrig
Security is important for many sensor network applications. A particularly harmful attack against sensor and ad hoc networks is known as the Sybil attack [6], where a node illegitimately claims...
David Brumley, Juan Caballero, Zhenkai Liang, James Newsome, Dawn Song
Different implementations of the same protocol specification usually contain deviations, i.e., differences in how they check and process some of their inputs. Deviations are commonly introduced as...
Panorama: Capturing system-wide information flow for malware detection and analysis (2007)
Heng Yin, Dawn Song, Manuel Egele, Christopher Kruegel, Engin Kirda
Malicious programs spy on users’ behavior and compromise their privacy. Even software from reputable vendors, such as Google Desktop and Sony DRM media player, may perform undesirable actions....
RICH: Automatically protecting against integer-based vulnerabilities (2007)
David Brumley, Tzi-cker Chiueh, Robert Johnson, Huijia Lin, Dawn Song
We present the design and implementation of RICH (Run-time Integer CHecking), a tool for efficiently detecting integer-based attacks against C programs at run time. C integer bugs, a popular avenue...
BitScope: Automatically dissecting malicious binaries (2007)
David Brumley, Cody Hartwig, Min Gyung Kang, Zhenkai Liang, James Newsome, Pongsin Poosankam, ...
Automatic analysis of malicious binaries is necessary in order to scale with the rapid development and recovery of malware found in the wild. The results of automatic analysis are useful for creating...
Efficient Cryptographic Techniques for Securing Storage Systems (2007)
Alina Mihaela Oprea, Gregory Ganger, Dawn Song
management in cryptographic file systems, lazy revocation, consistency of encrypted data. The growth of outsourced storage in the form of storage service providers underlines the importance of...
Sweeper: A lightweight end-to-end system for defending against fast worms (2007)
Joseph Tucek, James Newsome, Shan Lu, Chengdu Huang, Spiros Xanthos, David Brumley, ...
The vulnerabilities which plague computers cause endless grief to users. Slammer compromised millions of hosts in minutes; a hit-list worm would take under a second. Recently proposed techniques...
Heng Yin, Zhenkai Liang, Dawn Song
Installing various hooks into the victim system is an important attacking strategy used by malware, including spyware, rootkits, stealth backdoors, and others. In order to evade detection, malware...
Polyglot: Automatic extraction of protocol format using dynamic binary analysis (2007)
Juan Caballero, Heng Yin, Zhenkai Liang, Dawn Song
Protocol reverse engineering, the process of extracting the application-level protocol used by an implementation, without access to the protocol specification, is important for many network security...
Distributed Evasive Scan Techniques and Countermeasures (2007)
Min Gyung Kang, Juan Caballero, Dawn Song
Abstract. Scan detection and suppression methods are an important means for preventing the disclosure of network information to attackers. However, despite the importance of limiting the information...
Dynamic Spyware Analysis (2007)
Manuel Egele, Christopher Kruegel, Engin Kirda, Heng Yin, Dawn Song
Spyware is a class of malicious code that is surreptitiously installed on victims’ machines. Once active, it silently monitors the behavior of users, records their web surfing habits, and steals...
Automated Compositional Analysis for Checking Component Substitutability (2007)
Nishant Sinha, Don Thomas, Dawn Song, Corina Păsăreanu, Oded Maler
Model checking is an automated technique to verify hardware and software systems formally. Most of the model checking research has focused on developing scalable techniques for verifying large...
Towards Practical Automatic Generation of Multipath Vulnerability Signatures (2007)
David Brumley, Zhenkai Liang, James Newsome, Dawn Song
Signature-based defense systems are one of the most popular architectures for defending against exploits of vulnerabilities. At the heart of a signature-based defense system is the signature...
Rewriting a previously seen dialog between two entities, so that it is accepted by another entity, is important for many applications including: the protocol replay problem and the NAT rewriting...
Distributed Evasive Scan Techniques and Countermeasures (2007)
Min Gyung Kang, Juan Caballero, Dawn Song
Abstract. Scan detection and suppression methods are an important means for preventing the disclosure of network information to attackers. However, despite the importance of limiting the information...
FiG: Automatic Fingerprint Generation (2007)
Juan Caballero, Min Gyung Kang, Shobha Venkataraman, Dawn Song, Pongsin Poosankam, Avrim Blum
Fingerprinting is a widely used technique among the networking and security communities for identifying different implementations of the same piece of networking software running on a remote host. A...
New Techniques for Private Stream Searching (2006)
John Bethencourt, Dawn Song, Brent Waters
A system for private stream searching, introduced by Ostrovsky and Skeith, allows a client to provide an untrusted server with an encrypted search query. The server uses the query on a stream of...
Privacy-Preserving Set Operations (2006)
In many important applications, a collection of mutually distrustful parties must perform private computation over multisets. Each party's input to the function is his private input multiset. In...
In this paper, the authors introduce GEM (Graph EMbedding for sensor networks), an infrastructure for node-to-node routing and data-centric storage and information processing in sensor networks. In...
Replayer: Automatic Protocol Replay by Binary Analysis (2006)
James Newsome, David Brumley, Jason Franklin, Dawn Song
We address the problem of replaying an application dialog between two hosts. The ability to accurately replay application dialogs is useful in many security-oriented applications, such as replaying...
Behavioral distance measurement using hidden markov models (2006)
Debin Gao, Michael K. Reiter, Dawn Song
Abstract. The behavioral distance between two processes is a measure of the deviation of their behaviors. Behavioral distance has been proposed for detecting the compromise of a process, by computing...
Debin Gao, Michael K. Reiter, Dawn Song
Many host-based anomaly detection techniques have been proposed to detect code-injection attacks on servers. The vast majority, however, are susceptible to “mimicry” attacks in which the injected...
New techniques for private stream searching (2006)
John Bethencourt, Dawn Song, Brent Waters
A system for private stream searching, introduced by Ostrovsky and Skeith [18], allows a client to provide an untrusted server with an encrypted search query. The server uses the query on a stream of...
Towards automatic generation of vulnerability-based signatures (2006)
David Brumley, James Newsome, Dawn Song, Hao Wang, Somesh Jha
In this paper we explore the problem of creating vulnerability signatures. A vulnerability signature matches all exploits of a given vulnerability, even polymorphic or metamorphic variants. Our work...
Paragraph: Thwarting signature learning by training maliciously (2006)
James Newsome, Brad Karp, Dawn Song
Abstract. Defending a server against Internet worms and defending a user’s email inbox against spam bear certain similarities. In both cases, a stream of samples arrives, and a classifier must...
Theory and Techniques for Automatic Generation of Vulnerability-Based Signatures (2006)
David Brumley, James Newsome, Dawn Song, Hao Wang, Somesh Jha
Towards automatically eliminating integer-based vulnerabilities (2006)
David Brumley, Dawn Song, Joseph Slember
Over 100 C integer vulnerabilities have been publicly identified to date, some of which have resulted in serious disasters such as rocket malfunction. C integer vulnerabilities can arise when one...
Design space and analysis of worm defense strategies (2006)
David Brumley, Li-hao Liu, Pongsin Poosankam, Dawn Song
We give the first systematic investigation of the design space of worm defense system strategies. We accomplish this by providing a taxonomy of defense strategies by abstracting away...
Behavioral Distance for Intrusion Detection (2005)
Debin Gao, Michael K. Reiter, Dawn Song
Abstract. We introduce a notion, behavioral distance, for evaluating the extent to which processes—potentially running different programs and executing on different platforms—behave similarly in...
Privacy-preserving set operations (2005)
In many important applications, a collection of mutually distrustful parties must perform private computation over multisets. Each party’s input to the function is his private input multiset. In...
Privacy-preserving set operations (2005)
Abstract. In many important applications, a collection of mutually distrustful parties must perform private computation over multisets. Each party’s input to the function is his private input...
New Streaming Algorithms for Fast Detection of Superspreaders (2005)
Shobha Venkataraman, Dawn Song, Phillip B. Gibbons, Avrim Blum
High-speed monitoring of Internet traffic is an important and challenging problem, with applications to realtime attack detection and mitigation, traffic engineering, etc. However, packet-level...
Taxonomy and Effectiveness of Worm Defense Strategies (2005)
David Brumley, Li-Hao Liu, Pongsin Poosankam, Dawn Song
While it is important to develop effective worm defense techniques, most previous work has focused on a single point in the design space. The sheer complexity and size of the design space of worm...
Privacy-Preserving Set Operations (2005)
In many important applications, a collection of mutually distrustful parties must perform private computation over multisets. Each party's input to the function is his private input multiset. In...
Vulnerability-Specific Execution Filtering for Exploit Prevention on Commodity Software (2005)
James Newsome, David Brumley, Dawn Song
Exploits for new vulnerabilities, especially when incorporated within a fast spreading worm, can compromise nearly all vulnerable hosts within a short amount of time. This problem demonstrates the...
Taxonomy and effectiveness of worm defense strategies (2005)
David Brumley, Li-hao Liu, Pongsin Poosankam, Dawn Song
While it is important to develop effective worm defense techniques, most previous work has focused on a single point in the design space. The sheer complexity and size of the design space of worm...
James Newsome, David Brumley, Dawn Song
Complex computer systems are plagued with bugs and vulnerabilities. Worms such as SQL Slammer and hit-list worms exploit vulnerabilities in computer programs and can compromise millions of vulnerable...
Software vulnerabilities such as buffer overruns and format string vulnerabilities have had a devastating effect on the Internet. Worms such as CodeRed and Slammer exploit software vulnerabilities...
New Streaming Algorithms for Fast Detection of Superspreaders (2004)
Shobha Venkataraman, Dawn Song, Phillip B. Gibbons, Avrim Blum
Private keyword-based push and pull with applications to anonymous communication (2004)
Lea Kissner, Alina Oprea, Michael K. Reiter, Dawn Song, Ke Yang
Abstract. We propose a new keyword-based Private Information Retrieval (PIR) model that allows private modification of the database from which information is requested. In our model, the database is...
On gray-box program tracking for anomaly detection (2004)
Debin Gao, Michael K. Reiter, Dawn Song
Detection of interactive stepping stones: Algorithms and confidence bounds (2004)
Avrim Blum, Dawn Song, Shobha Venkataraman
Abstract. Intruders on the Internet often prefer to launch network intrusions indirectly, i.e., using a chain of hosts on the Internet as relay machines using protocols such as Telnet or SSH. This...
Detection of Interactive Stepping Stones: Algorithms and Confidence Bounds (2004)
Avrim Blum, Dawn Song, Shobha Venkataraman
Intruders on the Internet often prefer to launch network intrusions indirectly, i.e., using a chain of hosts on the Internet as relay machines using protocols such as Telnet or SSH. This type of...
Private and Threshold Set-Intersection (2004)
In this paper we consider the problem of privately computing the intersection of sets (set-intersection), as well as several variations on this problem: cardinality set-intersection, threshold...
Lea Kissner, Alina Oprea, Michael K. Reiter, Dawn Song, Ke Yang
Lea Kissner, Alina Oprea, Michael K. Reiter, Dawn Song, and Ke Yang Dept. of Computer Science, Carnegie Mellon University {leak,alina,yangke}@cs.cmu.edu 2 Dept. of Electrical and Computer...
SIFF: A Stateless Internet Flow Filter to Mitigate DDoS Flooding Attacks (2004)
Abraham Yaar, Adrian Perrig, Dawn Song
One of the fundamental limitations of the Internet is the inability of a packet flow recipient to halt disruptive flows before they consume the recipient's network link resources. Critical...
Dynamic quarantine of internet worms (2004)
Cynthia Wong, Chenxi Wang, Dawn Song, Stan Bielski, Gregory R. Ganger
If we limit the contact rate of worm traffic, can we alleviate and ultimately contain Internet worms? This paper sets out to answer this question. Specifically, we are interested in analyzing...
New Streaming Algorithms for Fast Detection of (2004)
Shobha Venkataraman, Dawn Song, Phillip B. Gibbons, Avrim Blum
conclusions contained here are those of the authors and should not be interpreted as necessarily representing the
In this paper we introduce GEM (Graph EMbedding for sensor networks), an infrastructure for node-to-node routing and data-centric storage and information processing in sensor networks. In GEM, we...
... horizon. One of the main challenges in sensor networks is to process and aggregate data in the network rather than wasting energy by sending large amounts of raw data to reply to a query. Some...
Pi: A Path Identification Mechanism to Defend against DDoS Attacks (2003)
Abraham Yaar, Adrian Perrig, Dawn Song
Distributed Denial of Service (DDoS) attacks continue to plague the Internet. Defense against these attacks is complicated by spoofed source IP addresses, which make it difficult to determine a...
SIA: Secure Information Aggregation in Sensor Networks (2003)
Bartosz Przydatek, Dawn Song, Adrian Perrig
Sensor networks promise viable solutions to many monitoring problems. However, the practical deployment of sensor networks faces many challenges imposed by real-world demands. Sensor nodes often have...
Random Key Predistribution Schemes for Sensor Networks (2003)
Haowen Chan, Adrian Perrig, Dawn Song
Key establishment in sensor networks is a challenging problem because asymmetric key cryptosystems are unsuitable for use in resource constrained sensor nodes, and also because the nodes could be...
Quasi-efficient revocation of group signatures (2002)
Abstract. A group signature scheme allows any group member to sign on behalf of the group in an anonymous and unlinkable fashion. In the event of a dispute, a designated trusted entity can reveal the...
Mitigating buffer overflows by operating system randomization (2002)
Abstract We propose three methods for mitigating buffer overflows by using operating system randomization: randomization of system call mappings, randomization of global library entry points, and...
Quasi-efficient revocation of group signatures (2002)
Abstract. Several interesting group signature schemes have been proposed to date. However, in order for the entire group signature concept to become practical and credible, the problem of secure and...
Expander graphs for digital stream authentication and robust overlay networks (2002)
Dawn Song, David Zuckerman, J. D. Tygar
We use expander graphs to provide efficient new constructions for two security applications: authentication of long digital streams over lossy networks and building scalable, robust overlay networks....
The TESLA Broadcast Authentication Protocol (2002)
Adrian Perrig, Ran Canetti, J. D. Tygar, Dawn Song
One of the main challenges of securing broadcast communication is source authentication, or enabling receivers of broadcast data to verify that the received data really originates from the claimed...
Homomorphic signature schemes (2002)
Robert Johnson, David Molnar, Dawn Song, David Wagner
Abstract. Privacy homomorphisms, encryption schemes that are also homomorphisms relative to some binary operation, have been studied for some time, but one may also consider the analogous problem of...
Scott Crosby, Ian Goldberg, Robert Johnson, Dawn Song, David Wagner
We describe a weakness in the High Bandwidth Digital Content Protection (HDCP) scheme which may lead to practical attacks. HDCP is a proposed identity-based cryptosystem for use over the Digital...
ELK, a New Protocol for Efficient Large-Group Key Distribution (2001)
Adrian Perrig, Dawn Song, J. D. Tygar
Secure media broadcast over the Internet poses unique security challenges. One problem is access control to a large number of subscribers in a public broadcast. A common solution is to encrypt the...
Athena: a novel approach to efficient automatic security protocol analysis (2001)
Dawn Song, Sergey Berezin, Adrian Perrig
protocol analysis
A cryptanalysis of the high-bandwidth digital content protection system (2001)
Scott Crosby, Ian Goldberg, Robert Johnson, Dawn Song, David Wagner
Efficient and secure source authentication for multicast (2001)
Adrian Perrig, Ran Canetti, Dawn Song, J. D. Tygar
One of the main challenges of securing multicast communication is source authentication, or enabling receivers of multicast data to verify that the received data originated with the claimed source...
ELK: A new protocol for efficient large-group key distribution (2001)
Adrian Perrig, Dawn Song, J. D. Tygar
Secure media broadcast over the Internet poses unique security challenges. One problem is access control to a large number of subscribers in a public broadcast. A common solution is to...
Quasi-Efficient Revocation of Group Signatures (2001)
Giuseppe Ateniese, Dawn Song, Gene Tsudik
Several interesting group signature schemes have been proposed to date.
A cryptanalysis of the high-bandwidth digital content protection system (2001)
Scott Crosby, Ian Goldberg, Robert Johnson, Dawn Song, David Wagner
Abstract. We describe a weakness in the High Bandwidth Digital Content Protection (HDCP) scheme which may lead to practical attacks. HDCP is a proposed identity-based cryptosystem for use over the...
On a First Step to the Automatic Generation of Security Protocol (2000)
This paper describes automatic protocol generation (APG for short), a novel mechanism to generate security protocols automatically. With APG, the protocol designer inputs the specification of the...
Advanced and Authenticated Marking Schemes for IP Traceback (2000)
Dawn X. Song, Adrian Perrig
Denial-of-service attacks are among the hardest security problems on today's Internet. One difficulty in thwarting these denial-of-service attacks is to trace the source of the attacks because they...
A First Step towards the Automatic Generation of Security Protocols (2000)
Adrian Perrig, Dawn Song
This paper describes automatic protocol generation (APG for short), a novel mechanism to generate security protocols automatically. With APG, the protocol designer inputs the specification of the...
In this paper, we describe our new results in developing and extending Automatic Protocol Generation (APG), an approach to automatically generate security protocols. We explore two-party mutual...
Hash Visualization: a New Technique to improve Real-World Security (1999)
Current security systems suffer from the fact that they fail to account for human factors. This paper considers two human limitations: First, people are slow and unreliable when comparing meaningless...
User Recognition by Keystroke Latency Pattern Analysis (1997)
Dawn Song, Peter Venable, Adrian Perrig
We analyze keystroke latency patterns to identify the person typing on the keyboard. Unlike previous work in this domain, which focused on taking one reference sample and doing user authentication...
SMIF: A Framework for Secure Multicast Intercommunication (1997)
Dawn Song, Yang-hua Chu, Adrian Perrig
In this report we describe the SMIF framework, an environment that supplies a system designer with building blocks that let him realize a wide variety of different security requirements. In addition the...
Dawn Song, Peter Venable, Adrian Perrig
Abstract We are analyzing keystroke latency patterns to identify the person typing on the keyboard. Unlike previous work in this domain, which focused on taking one reference sample and doing user...
New Streaming Algorithms for Fast Detection of Superspreaders
Shobha Venkataraman, Dawn Song, Phillip B. Gibbons, Avrim Blum
High-speed monitoring of Internet traffic is an important and challenging problem, with applications to realtime attack detection and mitigation, traffic engineering, etc. However, packet-level...