Search

Your search keyword '"Doug Tygar"' showing total 224 results
Start Over Author "Doug Tygar"
224 results on '"Doug Tygar"'

8. Adversarial Active Learning.

Author

Brad Miller, Alex Kantchelian, Sadia Afroz 0001, Rekha Bachwani, Edwin Dauber, Ling Huang 0001, Michael Carl Tschantz, Anthony D. Joseph, and J. Doug Tygar

Published
2014
Full Text
View/download PDF

21. Cyber defense technology networking and evaluation.

Author

Ruzena Bajcsy, Terry Benzel, Matt Bishop, Robert Braden, Carla E. Brodley, Sonia Fahmy, Sally Floyd, Wes Hardaker, Anthony D. Joseph, George Kesidis, Karl N. Levitt, Robert Lindell, Peng Liu 0005, David J. Miller 0001, Russ Mundy, Clifford Neuman, Ron Ostrenga, Vern Paxson, Phillip A. Porras, Catherine Rosenberg, J. Doug Tygar, Shankar Sastry 0001, Daniel F. Sterne, and Shyhtsun Felix Wu

Published
2004
Full Text
View/download PDF

23. SWOON: A Testbed for Secure Wireless Overlay Networks.

Author

Yu-Lun Huang, J. Doug Tygar, Hsiao-Ying Lin, L. Y. Yeh, Hsin-Yi Tsai, Keith Sklower, Shiuh-Pyng Shieh, C. C. Wu, P. H. Lu, S. Y. Chien, Z. S. Lin, L. W. Hsu, Chia-Wei Hsu, C. T. Hsu, Y. C. Wu, and M. S. Leong

Published
2008

36. Micro tools.

Author

Allan Heydon, Mark W. Maimone, J. Doug Tygar, Jeannette M. Wing, and Amy Moormann Zaremski

Published
1989
Full Text
View/download PDF

38. Advances in Software Engineering Techniques

Author

John C. Mitchell, Jon Kleinberg, Madhu Sudan, C. Pandu Rangan, Bernhard Steffen, Demetri Terzopoulos, Moshe Y. Vardi, Doug Tygar, Moni Naor, Friedemann Mattern, David Hutchison, Gerhard Weikum, Josef Kittler, Tomasz Szmuc, Jaroslav Zendulka, Oscar Nierstrasz, Takeo Kanade, Marcin Szpyrka, Lancaster University, Carnegie Mellon University [Pittsburgh] (CMU), University of Surrey (UNIS), Cornell University [New York], Eidgenössische Technische Hochschule - Swiss Federal Institute of Technology [Zürich] (ETH Zürich), Stanford University, Weizmann Institute of Science [Rehovot, Israël], University of Bern, Indian Institute of Technology Madras (IIT Madras), Massachusetts Institute of Technology (MIT), University of California [Los Angeles] (UCLA), University of California, Rice University [Houston], AGH University of Science and Technology [Krakow, PL] (AGH UST), Brno University of Technology [Brno] (BUT), and TC 2

Subjects
010201 computation theory & mathematics, business.industry, Computer science, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, [INFO]Computer Science [cs], 0102 computer and information sciences, 02 engineering and technology, Software engineering, business, 01 natural sciences
Abstract

International audience; Book Front Matter of LNCS 7054

Published
2012
Full Text
View/download PDF

40. Panel: Authentication in Constrained Environments

Author

Yuliang Zheng, Mike Burmester, Virgil D. Gligor, Doug Tygar, and Evangelos Kranakis

Subjects
Authentication, Computer science, Wireless ad hoc network, business.industry, Authentication protocol, Mobile computing, Computer security, computer.software_genre, Merkle tree, business, computer, Block cipher, Computer network
Abstract

This paper contains the summary of a panel on authentication in constrained environments held during the Secure MADNES'05 Workshop. These were transcribed from hand-written notes.

Published
2006
Full Text
View/download PDF

41. Computer Security in the 21st Century

Author

J. Doug Tygar, S. P. Shieh, and Der-Tsai Lee

Subjects
World Wide Web, Cloud computing security, Security service, Computer science, Security through obscurity, Computer security model, Asset (computer security), Computer security, computer.software_genre, Security information and event management, computer, Logical security, Threat
Abstract

Computer Security in the 21st Century shares some of the emerging important research trends reflected in recent advances in computer security, including: security protocol design, secure peer-to-peer and ad hoc networks, multimedia security, and intrusion detection, defense and measurement. Highlights include presentations of : -Fundamental new security -Cryptographic protocols and design, -A new way of measuring network vulnerability: attack surfaces, -Network vulnerability and building impenetrable systems, -Multimedia content protection including a new standard for photographic images, JPEG2000. Researchers and computer security developers will find in this book interesting and useful insights into building computer systems that protect against computer worms, computer viruses, and other related concerns.

Published
2005
Full Text
View/download PDF

42. Machine Learning Methods for Computer Security (Dagstuhl Perspectives Workshop 12371)

Author

Anthony D. Joseph and Pavel Laskov and Fabio Roli and J. Doug Tygar and Blaine Nelson, Joseph, Anthony D., Laskov, Pavel, Roli, Fabio, Tygar, J. Doug, Nelson, Blaine, Anthony D. Joseph and Pavel Laskov and Fabio Roli and J. Doug Tygar and Blaine Nelson, Joseph, Anthony D., Laskov, Pavel, Roli, Fabio, Tygar, J. Doug, and Nelson, Blaine

Abstract

The study of learning in adversarial environments is an emerging discipline at the juncture between machine learning and computer security. The interest in learning-based methods for security- and system-design applications comes from the high degree of complexity of phenomena underlying the security and reliability of computer systems. As it becomes increasingly difficult to reach the desired properties solely using statically designed mechanisms, learning methods are being used more and more to obtain a better understanding of various data collected from these complex systems. However, learning approaches can be evaded by adversaries, who change their behavior in response to the learning methods. To-date, there has been limited research into learning techniques that are resilient to attacks with provable robustness guarantees The Perspectives Workshop, "Machine Learning Methods for Computer Security" was convened to bring together interested researchers from both the computer security and machine learning communities to discuss techniques, challenges, and future research directions for secure learning and learning-based security applications. As a result of the twenty-two invited presentations, workgroup sessions and informal discussion, several priority areas of research were identified. The open problems identified in the field ranged from traditional applications of machine learning in security, such as attack detection and analysis of malicious software, to methodological issues related to secure learning, especially the development of new formal approaches with provable security guarantees. Finally a number of other potential applications were pinpointed outside of the traditional scope of computer security in which security issues may also arise in connection with data-driven methods. Examples of such applications are social media spam, plagiarism detection, authorship identification, copyright enforcement, computer vision (particularly in the context of bio

Published
2013
Full Text
View/download PDF

43. Computer Security in the 21st Century

Author

D.T. Lee, S. P. Shieh, J. Doug Tygar, D.T. Lee, S. P. Shieh, and J. Doug Tygar

Subjects
Cryptography, Data encryption (Computer science), Computer networks, Data structures (Computer science), Information theory, Artificial intelligence—Data processing, Telecommunication
Abstract

Computer Security in the 21st Century shares some of the emerging important research trends reflected in recent advances in computer security, including: security protocol design, secure peer-to-peer and ad hoc networks, multimedia security, and intrusion detection, defense and measurement. Highlights include presentations of : - Fundamental new security - Cryptographic protocols and design, - A new way of measuring network vulnerability: attack surfaces, - Network vulnerability and building impenetrable systems, - Multimedia content protection including a new standard for photographic images, JPEG2000. Researchers and computer security developers will find in this book interesting and useful insights into building computer systems that protect against computer worms, computer viruses, and other related concerns.

Published
2005

44. Randomly Partitioned Encryption for Cloud Databases

Author

Lucas Braun, Donald Kossmann, Tahmineh Sanamrad, Ramarathnam Venkatesan, Eidgenössische Technische Hochschule - Swiss Federal Institute of Technology [Zürich] (ETH Zürich), Microsoft Research, David Hutchison, Takeo Kanade, Bernhard Steffen, Demetri Terzopoulos, Doug Tygar, Gerhard Weikum, Vijay Atluri, Günther Pernul, Josef Kittler, Jon M. Kleinberg, Alfred Kobsa, Friedemann Mattern, John C. Mitchell, Moni Naor, Oscar Nierstrasz, C. Pandu Rangan, TC 11, and WG 11.3

Subjects
Database Encryption, Computer science, Efficient Query Processing, 02 engineering and technology, Database encryption, Encryption, computer.software_genre, Computer security, Watermarking attack, Randomly Partitioned Encryption, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, [INFO]Computer Science [cs], Domain Attack, Database, business.industry, Client-side encryption, Query Log Attack, Probabilistic encryption, 40-bit encryption, 56-bit encryption, 020201 artificial intelligence & image processing, On-the-fly encryption, Frequency Attack, business, computer
Abstract

International audience; With the current advances in Cloud Computing, outsourcing data has never been so tempting. Along with outsourcing a database comes the privacy versus performance discussion. Order-Preserving Encryption (OPE) is one of the most attractive techniques for database encryption since it allows to execute range and rank queries efficiently without decrypting the data. On the other hand, people are reluctant to use OPE-based techniques in practice because of their vulnerability against adversaries with knowledge of the domain, its frequency distribution and query logs. This paper formally defines three real world driven attacks, called Domain Attack, Frequency Attack and Query Log Attack, typically launched by an honest-but-curious database or systems administrator. We also introduce measures to capture the probability distribution of the adversary’s advantage under each attacker model. Most importantly, we present a novel technique called Randomly Partitioned Encryption (RPE) to minimize the adversary’s advantage. Finally, we show that RPE not only withstands real world database adversaries, but also shows good performance that is close to state-of-art OPE schemes for both, read- and write-intensive workloads.

Published
2014
Full Text
View/download PDF

45. Incremental Analysis of Evolving Administrative Role Based Access Control Policies

Author

Anh Truong, Silvio Ranise, Fondazione Bruno Kessler [Trento, Italy] (FBK), Università degli Studi di Trento (UNITN), David Hutchison, Takeo Kanade, Bernhard Steffen, Demetri Terzopoulos, Doug Tygar, Gerhard Weikum, Vijay Atluri, Günther Pernul, Josef Kittler, Jon M. Kleinberg, Alfred Kobsa, Friedemann Mattern, John C. Mitchell, Moni Naor, Oscar Nierstrasz, C. Pandu Rangan, TC 11, and WG 11.3

Subjects
021110 strategic, defence & security studies, Sequence, Engineering, business.industry, Compromise, media_common.quotation_subject, 0211 other engineering and technologies, 020207 software engineering, Access control, 02 engineering and technology, Computer security, computer.software_genre, Risk analysis (engineering), 0202 electrical engineering, electronic engineering, information engineering, Role-based access control, [INFO]Computer Science [cs], Element (criminal law), Set (psychology), business, computer, media_common
Abstract

International audience; We consider the safety problem for Administrative Role-Based Access Control (ARBAC) policies, i.e. detecting whether sequences of administrative actions can result in policies by which a user can acquire permissions that may compromise some security goals. In particular, we are interested in sequences of safety problems generated by modifications (namely, adding/deleting an element to/from the set of possible actions) to an ARBAC policy accommodating the evolving needs of an organization. or resulting from fixing some safety issues. Since problems in such sequences share almost all administrative actions, we propose an incremental technique that avoids the re-computation of the solution to the current problem by re-using much of the work done on the previous problem in a sequence. An experimental evaluation shows the better performances of an implementation of our technique with respect to the only available approach to solve safety problems for evolving ARBAC policies proposed by Gofman, Luo, and Yang.

Published
2014
Full Text
View/download PDF

46. Integrity Assurance for Outsourced Databases without DBMS Modification

Author

Ting Yu, Wei Wei, North Carolina State University [Raleigh] (NC State), University of North Carolina System (UNC), Qatar Computing Research Institute [Doha, Qatar] (QCRI), David Hutchison, Takeo Kanade, Bernhard Steffen, Demetri Terzopoulos, Doug Tygar, Gerhard Weikum, Vijay Atluri, Günther Pernul, Josef Kittler, Jon M. Kleinberg, Alfred Kobsa, Friedemann Mattern, John C. Mitchell, Moni Naor, Oscar Nierstrasz, C. Pandu Rangan, TC 11, and WG 11.3

Subjects
Scheme (programming language), Authentication, Database, Relational database, Computer science, Serialization, Radix-Path Identifier, Data Integrity, 020206 networking & telecommunications, 02 engineering and technology, computer.software_genre, Data retrieval, Database Outsourcing, 020204 information systems, Data integrity, 0202 electrical engineering, electronic engineering, information engineering, Overhead (computing), [INFO]Computer Science [cs], computer, Server-side, computer.programming_language
Abstract

International audience; Database outsourcing has become increasingly popular as a cost-effective solution to provide database services to clients. Previous work proposed different approaches to ensuring data integrity, one of the most important security concerns in database outsourcing. However, to the best of our knowledge, existing approaches require modification of DBMSs to facilitate data authentication, which greatly hampers their adoption in practice. In this paper, we present the design and implementation of an efficient and practical integrity assurance scheme without requiring any modification to the DBMS at the server side. We develop novel schemes to serialize Merkle B-tree based authentication structures into a relational database that allows efficient data retrieval for integrity verification. We design efficient algorithms to accelerate query processing with integrity protection. We further build a proof-of-concept prototype and conduct extensive experiments to evaluate the performance overhead of the proposed schemes. The experimental results show that our scheme imposes a low overhead for queries and a reasonable overhead for updates while ensuring integrity of an outsourced database without special support from server-side DBMSs.

Published
2014
Full Text
View/download PDF

47. Optimizing Integrity Checks for Join Queries in the Cloud

Author

Sara Foresti, Sabrina De Capitani di Vimercati, Pierangela Samarati, Sushil Jajodia, Stefano Paraboschi, Università degli Studi di Milano [Milano] (UNIMI), George Mason University [Fairfax], Università di Bergamo, David Hutchison, Takeo Kanade, Bernhard Steffen, Demetri Terzopoulos, Doug Tygar, Gerhard Weikum, Vijay Atluri, Günther Pernul, Josef Kittler, Jon M. Kleinberg, Alfred Kobsa, Friedemann Mattern, John C. Mitchell, Moni Naor, Oscar Nierstrasz, C. Pandu Rangan, TC 11, and WG 11.3

Subjects
business.industry, Computer science, 020206 networking & telecommunications, Cloud computing, 02 engineering and technology, Limiting, Computer security, computer.software_genre, Variety (cybernetics), Overhead (business), If and only if, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, [INFO]Computer Science [cs], Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni, business, computer, Diversity (business)
Abstract

International audience; The large adoption of the cloud paradigm is introducing more and more scenarios where users can access data and services with an unprecedented convenience, just relying on the storage and computational power offered by external providers. Also, users can enjoy a diversity and variety of offers, with the possibility of choosing services by different providers as they best suit their needs. With the growth of the market, economic factors have become one of the crucial aspects in the choice of services. However, security remains a major concern and users will be free to actually benefit from the diversity and variety of such offers only if they can also have proper security guarantees on the services. In this paper, we build upon a recent proposal for assessing integrity of computations performed by potentially untrusted providers introducing some optimizations, thus limiting the overhead to be paid for integrity guarantees, and making it suitable to more scenarios.

Published
2014
Full Text
View/download PDF

48. Mining Attribute-Based Access Control Policies from Logs

Author

Zhongyuan Xu, Scott D. Stoller, Stony Brook University [SUNY] (SBU), State University of New York (SUNY), David Hutchison, Takeo Kanade, Bernhard Steffen, Demetri Terzopoulos, Doug Tygar, Gerhard Weikum, Vijay Atluri, Günther Pernul, Josef Kittler, Jon M. Kleinberg, Alfred Kobsa, Friedemann Mattern, John C. Mitchell, Moni Naor, Oscar Nierstrasz, C. Pandu Rangan, TC 11, and WG 11.3

Subjects
Flexibility (engineering), 021110 strategic, defence & security studies, Database, business.industry, Computer science, Information sharing, 0211 other engineering and technologies, Access control, 02 engineering and technology, Attribute-based access control, computer.software_genre, Semantic similarity, Inductive logic programming, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, [INFO]Computer Science [cs], business, computer
Abstract

International audience; Attribute-based access control (ABAC) provides a high level of flexibility that promotes security and information sharing. ABAC policy mining algorithms have potential to significantly reduce the cost of migration to ABAC, by partially automating the development of an ABAC policy from information about the existing access-control policy and attribute data. This paper presents an algorithm for mining ABAC policies from operation logs and attribute data. To the best of our knowledge, it is the first algorithm for this problem.

Published
2014
Full Text
View/download PDF

49. GreenBrowsing: Towards Energy Efficiency in Browsing Experience

Author

Luís Veiga, Gonçalo Avelar, Instituto de Engenharia de Sistemas e Computadores, Investigação e Desenvolvimento em Lisboa (INESC-ID), Institute for Systems and Computer Engineering, Technology and Science [Porto] (INESC TEC), David Hutchison, Takeo Kanade, Bernhard Steffen, Demetri Terzopoulos, Doug Tygar, Gerhard Weikum, Kostas Magoutis, Peter Pietzuch, Josef Kittler, Jon M. Kleinberg, Alfred Kobsa, Friedemann Mattern, John C. Mitchell, Moni Naor, Oscar Nierstrasz, C. Pandu Rangan, TC 6, and WG 6.1

Subjects
Web server, Web development, Computer science, 0211 other engineering and technologies, 02 engineering and technology, computer.software_genre, Web API, World Wide Web, [INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI], Web page, Web design, 0202 electrical engineering, electronic engineering, information engineering, Web navigation, [INFO]Computer Science [cs], green IT, energy efficiency, 021106 design practice & management, Client-side scripting, Database, business.industry, web browser, 020208 electrical & electronic engineering, web page certification, Static web page, power consumption, business, computer
Abstract

International audience; Web 2.0 allowed for the enhancement and revamp of web pages’ aesthetics and interaction mechanics. Moreover, current web browsers function almost as a de facto operating system: they run “apps”, along with other background plug-ins. All of which have an increasing energy impact, proportional to the rate of appearance of more sophisticated browser mechanisms and web content. We present the architecture of GreenBrowsing. A system that proposes the provision of (i) a Google Chrome extension to monitor, rationalize and reduce the energy consumption of the browsing experience and (ii) a Certification Scheme for dynamic web pages, based on web-page performance counter statistics and analysis, performed on the cloud.

Published
2014
Full Text
View/download PDF

50. Scalable and Accurate Causality Tracking for Eventually Consistent Stores

Author

Carlos Baquero, Nuno Preguiça, Ricardo Gonçalves, Paulo Sérgio Almeida, Victor Fonte, Institute for Systems and Computer Engineering, Technology and Science [Porto] (INESC TEC), Universidade de Lisboa (ULISBOA), David Hutchison, Takeo Kanade, Bernhard Steffen, Demetri Terzopoulos, Doug Tygar, Gerhard Weikum, Kostas Magoutis, Peter Pietzuch, Josef Kittler, Jon M. Kleinberg, Alfred Kobsa, Friedemann Mattern, John C. Mitchell, Moni Naor, Oscar Nierstrasz, C. Pandu Rangan, TC 6, WG 6.1, and Universidade do Minho

Subjects
business.industry, Computer science, Distributed computing, Replica, Cloud computing, 0102 computer and information sciences, 02 engineering and technology, Version vector, 01 natural sciences, Causality (physics), [INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI], 010201 computation theory & mathematics, 020204 information systems, Server, Scalability, 0202 electrical engineering, electronic engineering, information engineering, Logical clock, Optimistic replication, [INFO]Computer Science [cs], business
Abstract

Lecture Notes in Computer Science 8460, 2014, In cloud computing environments, data storage systems often rely on optimistic replication to provide good performance and availability even in the presence of failures or network partitions. In this scenario, it is important to be able to accurately and efficiently identify updates executed concurrently. Current approaches to causality tracking in optimistic replication have problems with concurrent updates: they either (1) do not scale, as they require replicas to maintain information that grows linearly with the number of writes or unique clients; (2) lose information about causality, either by removing entries from client-id based version vectors or using server-id based version vectors, which cause false conflicts. We propose a new logical clock mechanism and a logical clock framework that together support a traditional key-value store API, while capturing causality in an accurate and scalable way, avoiding false conflicts. It maintains concise information per data replica, only linear on the number of replica servers, and allows data replicas to be compared and merged linear with the number of replica servers and versions., (undefined)

Published
2014
Full Text
View/download PDF

Catalog

Books, media, physical & digital resources
See catalog results