Sec ’ 13 : 22 nd USENIX Security Symposium

ErsatzPasswords - Ending Password Cracking

This work was supported, in part, by a grant from the Northrop Grumman Corporation, National Science Foundation Grants CPS-1329979, Science and Technology Center CCF-0939370, and EAGER-1548114. [1] Everspaugh, A., Chatterjee, R. , Scott, S., Juels, A., and Ristenpart, T. 2015. The pythia PRF service. In Proceedings of the 24th USENIX Conference on Security Symposium (SEC’15). USENIX Association...

NetKuang - A Multi-Host Configuration Vulnerability Checker

NetKuang is an extension to Baldwin's SU-Kuang. It runs on networks of computers using Unix and can nd vulnerabilities created by poor system con guration. Vulnerabilities are discovered using a backwards goal-based search that is breadthrst on individual hosts and parallel when multiple hosts are checked. An implementation in C++ found real vulnerabilities on production systems. Tests show rea...

Sting : an Automatic Defense System against Zero - Day Worm Attacks Seminar

Dawn Song is an Assistant Professor at Carnegie Mellon University. She obtained her PhD in Computer Science from UC Berkeley. Her research interest lies in security and privacy issues in computer systems and networks. She is the author of more than 35 research papers in areas ranging from software security, networking security, database security, distributed systems security, to applied cryptog...

Security Analysis of the Palm Operating System and its Weaknesses Against Malicious Code Threats

Portable devices, such as Personal Digital Assistants (PDAs), are particularly vulnerable to malicious code threats due to their widespread implementation and current lack of a security framework. Although well known in the security industry to be insecure, PDAs are ubiquitous in enterprise environments and are being used for such applications as one-time-password generation, storage of medical...

MIME Object Security Services: Issues in a Multi-User Environment