The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Protection of memory is very significant for preventing computer system from vulnerabilities, malware or runtime reverse engineering. We introduce SecPage (Secure Page), a new hardware/software memory protection architecture. New architecture provides isolated memory environment to protect sensitive code and data. The security of SecPage mechanism is achieved by adding extensional dedicated instructions...
For the information system, Database acts an important role in it. How to find a way to audit the operation of the database is becoming more and more important. An effective database auditing system can not only reduce the potential security risk, also make it possible to trace the source when errors happen. In this paper, we design and implement an effective audit framework. To avoid causing any...
A covert channel is a communication channel that bypasses the access controls of the system, and it is a threat to the system's security. In this paper, we propose a new covert timing channel which exploits the algorithmic complexity vulnerabilities in the name lookup algorithm of the kernel. This covert channel has a high capacity and it is practically exploitable. In our experiments, the data rate...
The principle and methods of Support Vector Machine (SVM) are introduced in this dissertation, evaluation indicators system and early warning systems for oil security are established. On this basis, SVM algorithm and oil security evaluation system are combined to evaluate for oil security. The predicted result showing that it has higher accuracy, Therefore, the safety evaluation index system in the...
A static vulnerability detection method based on an extended vulnerability state machine is proposed in this paper. In this method, the state space of state machine model is extended. The security state of a variable can be identified by a property set that may consist of multiple security-related properties rather than a single property. As results, fine-grained state transition is provided to support...
The existing code injection attack defense methods have some deficiencies on performance overhead and effectiveness. In order to ensure the system performance, we propose a method that uses system call randomization to counter code injection attacks based on instruction set randomization idea. An injected code would perform its actions with system calls. System call randomization on operating system...
The integer sign vulnerability is a comparatively new and subtle type of vulnerabilities, they can compromise system security. Especially, if a sign vulnerability occurs in operating system kernel, it may result in very serious invalid read/write operations to kernel memory area. Unfortunately, little attention has been paid to static detecting them automatically. This paper presents a novel approach...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.