
Sec Reading

We regularly meet to discuss research papers on information security.

Our meeting follows this format:

  • One person picks the paper and sends it to everyone several days before the meeting. This person also leads the discussion.
  • Everyone reads the paper in advance.
  • The discussion leader gives a quick presentation on the paper, making sure everyone understands the important content (about 20 mins).
  • We discuss the pros (advantages) and cons (disadvantages) of the paper, and other related problems / techniques (about 30 mins).
  • Sometimes we have a demo instead of a paper discussion.


The list of papers that we have discussed since mid-June 2011 can be found here.

Summaries of some of the interesting papers, and what we discussed about them, will be posted below. Please contact me on Skype (terovn) if you want to attend one of our meetings and see if you like it.
 

Bitcoin: A Peer-to-Peer Electronic Cash System

The paper presents Bitcoin, a P2P currency system in which no one can track where money flows. It’s something like BitTorrent or the Tor network, but for currency. The system is well designed, but the paper is somewhat too short to describe the whole thing. I’m a …


Qubes Secure OS

Article: http://qubes-os.org/files/doc/arch-spec-0.3.pdf

This article explains the design and implementation of Qubes, an operating system for desktop and laptop computers that provides isolation between applications. It uses the Xen hypervisor and hardware virtualization technology (Intel VT and AMD-V) to provide isolation.

Abstract: “Qubes is an open source operating system designed to provide strong security for desktop computing. Qubes is …


Auto Reverse Engineering of Data Structures from Binary

Extracting programs’ data structures to understand their syntactic and semantic meanings is very important for forensic and security purposes. Previous methods used to extract a program’s data structures often have shortcomings:

1. Requiring the program’s source code

2. Using static analysis

In the paper, the authors propose a prototype system called “REWARDS” which helps reveal programs’ data structures …


ASLR smack and laugh reference

This week we talked about some attacks on ASLR, including brute force, ret2text, ret2heap, fncptr, etc.

Below is the audio recording of our discussion.

ASLR discussion – audio

Stay tuned for next week. We are going to have a live demo of some of those attacks.


On the effectiveness of address-space randomization

Buffer overflow based attacks are one of today’s most serious security threats. In this paper, the authors analyze shortcomings of current techniques used in countering buffer overflow attacks:

  • Stack protection
  • Pointer protection
  • Memory page protection
  • Address obfuscation
  • Address space randomization (deemed the strongest technique)

The authors prove that address space layout randomization (ASLR) is not immune to buffer overflow attacks by …


Return oriented programming

http://cseweb.ucsd.edu/~hovav/dist/geometry.pdf

Many current anti-malware techniques try to stop attacks by preventing the injection of new code into the system. The assumption is that an attacker won’t be able to achieve his goal if he cannot introduce new (and potentially malicious) code. What good would it do for an attacker if he can only execute …


The Google file system

The Google file system (GFS) was designed to meet the rapidly growing requirements of Google’s data processing. Key observations about Google’s application workloads and technological environment presented both challenges and opportunities for implementing GFS. GFS has to cope with volatile hardware components, huge data processing, concurrent access from multiple clients, and the fact that most …


SNARE: Network Level Automatic Reputation Engine

Conference: Usenix Security Symposium 2009

Authors:

Shuang Hao, Nadeem Ahmed Syed, Nick Feamster, Alexander G. Gray (Gatech)

Sven Krasser (McAfee, Inc)

In this paper, the authors propose a spam classifier which, besides having the same detection accuracy as current popular classifiers like McAfee’s Trusted Source, is automatic and uses lightweight and robust network-level features.

Currently, there are two methods to …


Otherworld – Surviving OS Kernel Crashes

Abstract

The default behavior of all commodity operating systems today is to restart the system when a critical error is encountered in the kernel. This terminates all running applications with an attendant loss of “work in progress” that is nonpersistent.

Otherworld is a mechanism that microreboots the operating system kernel when a critical error is encountered in the kernel, …

© 2012 VN-S3C GR0UP