• Publications
  • Influence
Eraser: a dynamic data race detector for multithreaded programs
TLDR
A new tool, called Eraser, is described, for dynamically detecting data races in lock-based multithreaded programs, which uses binary rewriting techniques to monitor every shared-monory reference and verify that consistent locking behavior is observed. Expand
Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds
TLDR
It is shown that it is possible to map the internal cloud infrastructure, identify where a particular target VM is likely to reside, and then instantiate new VMs until one is placed co-resident with the target, and how such placement can then be used to mount cross-VM side-channel attacks to extract information from a target VM on the same machine. Expand
Practical network support for IP traceback
TLDR
A general purpose traceback mechanism based on probabilistic packet marking in the network that allows a victim to identify the network path(s) traversed by attack traffic without requiring interactive operational support from Internet Service Providers (ISPs). Expand
802.11 Denial-of-Service Attacks: Real Vulnerabilities and Practical Solutions
TLDR
This paper provides an experimental analysis of 802.11-specific attacks - their practicality, their efficacy and potential low-overhead implementation changes to mitigate the underlying vulnerabilities. Expand
Comprehensive Experimental Analyses of Automotive Attack Surfaces
TLDR
This work discovers that remote exploitation is feasible via a broad range of attack vectors (including mechanics tools, CD players, Bluetooth and cellular radio), and further, that wireless communications channels allow long distance vehicle control, location tracking, in-cabin audio exfiltration and theft. Expand
Network support for IP traceback
TLDR
A general purpose traceback mechanism based on probabilistic packet marking in the network that allows a victim to identify the network path(s) traversed by attack traffic without requiring interactive operational support from Internet Service Providers (ISPs). Expand
Inside the Slammer Worm
The Slammer worm spread so quickly that human response was ineffective. In January 2003, it packed a benign payload, but its disruptive capacity was surprising. Why was it so effective and what newExpand
Beyond blacklists: learning to detect malicious web sites from suspicious URLs
TLDR
This paper describes an approach to this problem based on automated URL classification, using statistical methods to discover the tell-tale lexical and host-based properties of malicious Web site URLs. Expand
Total Recall: System Support for Automated Availability Management
TLDR
The motivation, architecture and implementation for a new peer-to-peer storage system, called TotalRecall, that automates the task of availability management, which automatically measures and estimates the availability of its constituent host components, predicts their future availability based on past behavior, and delivers user-specified availability while maximizing efficiency. Expand
Modeling TCP latency
TLDR
The extended model characterizes the expected value and distribution of TCP connection establishment and data transfer latency as a function of transfer size, round trip time, and packet loss rate, and it is shown that, unlike earlier steady-state models for TCP performance, the extended model describes connectionestablishment and dataTransfer latency under a range of packet loss conditions, including no loss. Expand
...
1
2
3
4
5
...