200 results on '"Wallach, Dan S."'
Search Results
2. The Design and Implementation of a Verified File System with End-to-End Data Integrity
- Author
- Song, Daniel W., Mamouras, Konstantinos, Chen, Ang, Dautenhahn, Nathan, and Wallach, Dan S.
- Subjects
Computer Science - Cryptography and Security, Computer Science - Operating Systems, D.2.4, D.4.3, D.4.5, D.4.6
- Abstract
Despite significant research and engineering efforts, many of today's important computer systems suffer from bugs. To increase the reliability of software systems, recent work has applied formal verification to certify the correctness of such systems, with recent successes including certified file systems and certified cryptographic protocols, albeit using quite different proof tactics and toolchains. Unifying these concepts, we present the first certified file system that uses cryptographic primitives to protect itself against tampering. Our certified file system defends against adversaries that might wish to tamper with the raw disk. Such an "untrusted storage" threat model captures the behavior of storage devices that might silently return erroneous bits as well as adversaries who might have limited access to a disk, perhaps while in transit. In this paper, we present IFSCQ, a certified cryptographic file system with strong integrity guarantees. IFSCQ combines and extends work on cryptographic file systems and formally certified file systems to prove that our design is correct. It is the first certified file system that is secure against strong adversaries that can maliciously corrupt on-disk data and metadata, including attempting to roll back the disk to earlier versions of valid data. IFSCQ achieves this by constructing a Merkle hash tree of the whole disk, and by proving that tampered disk blocks will always be detected if they ever occur. We demonstrate that IFSCQ runs with reasonable overhead while detecting several kinds of attacks.
- Published
- 2020
3. Investigating the effectiveness of web adblockers
- Author
- Drazner, Clayton, Đuza, Nikola, Jonker, Hugo, and Wallach, Dan S.
- Subjects
Computer Science - Cryptography and Security, Computer Science - Networking and Internet Architecture
- Abstract
We investigate adblocking filters and the extent to which websites and advertisers react when their content is impacted by these filters. We collected data daily from the Alexa Top-5000 web sites for 120 days, and from specific sites that newly appeared in filter lists for 140 days. By evaluating how long a filter rule triggers on a website, we can gauge how long it remains effective. We matched websites with both a regular adblocking filter list (EasyList) and with a specialized filter list that targets anti-adblocking logic (Nano Defender). From our data, we observe that the effectiveness of the EasyList adblocking filter decays a modest 0.13% per day, and after around 80 days seems to stabilize. We found no evidence for any significant decay in effectiveness of the more specialized, but less widely used, anti-adblocking removal filters.
- Published
- 2019
4. On the security of ballot marking devices
- Author
- Wallach, Dan S.
- Subjects
Computer Science - Cryptography and Security
- Abstract
A recent debate among election experts has considered whether electronic ballot marking devices (BMDs) have adequate security against the risks of malware. A malicious BMD might produce a printed ballot that disagrees with a voter's actual intent, with the hope that voters would be unlikely to detect this subterfuge. This essay considers how an election administrator can create reasonable auditing procedures to gain confidence that their fleet of BMDs is operating correctly, allowing voters to benefit from the usability and accessibility features of BMDs while the overall election still benefits from the same security and reliability properties we expect from hand-marked paper ballots., Comment: Major revision relative to the August draft
- Published
- 2019
5. ACM TechBrief: Election Security: Risk Limiting Audits
- Author
- Bernhard, Matthew, primary and Wallach, Dan S., additional
- Published
- 2022
6. Public Evidence from Secret Ballots
- Author
- Bernhard, Matthew, Benaloh, Josh, Halderman, J. Alex, Rivest, Ronald L., Ryan, Peter Y. A., Stark, Philip B., Teague, Vanessa, Vora, Poorvi L., and Wallach, Dan S.
- Subjects
Computer Science - Cryptography and Security
- Abstract
Elections seem simple---aren't they just counting? But they have a unique, challenging combination of security and privacy requirements. The stakes are high; the context is adversarial; the electorate needs to be convinced that the results are correct; and the secrecy of the ballot must be ensured. And they have practical constraints: time is of the essence, and voting systems need to be affordable and maintainable, and usable by voters, election officials, and pollworkers. It is thus not surprising that voting is a rich research area spanning theory, applied cryptography, practical systems analysis, usable security, and statistics. Election integrity involves two key concepts: convincing evidence that outcomes are correct and privacy, which amounts to convincing assurance that there is no evidence about how any given person voted. These are obviously in tension. We examine how current systems walk this tightrope., Comment: To appear in E-Vote-Id '17
- Published
- 2017
7. Verification of STAR-Vote and Evaluation of FDR and ProVerif
- Author
- Moran, Murat and Wallach, Dan S.
- Subjects
Computer Science - Cryptography and Security
- Abstract
We present the first automated privacy analysis of STAR-Vote, a real world voting system design with sophisticated "end-to-end" cryptography, using FDR and ProVerif. We also evaluate the effectiveness of these tools. Despite the complexity of the voting system, we were able to verify that our abstracted formal model of STAR-Vote provides ballot-secrecy using both formal approaches. Notably, ProVerif is radically faster than FDR, making it more suitable for rapid iteration and refinement of the formal model., Comment: 16 pages, 2 figures, submitted to iFM 2017 conference
- Published
- 2017
8. An Empirical Study of Mobile Ad Targeting
- Author
- Book, Theodore and Wallach, Dan S.
- Subjects
Computer Science - Cryptography and Security, Computer Science - Computers and Society
- Abstract
Advertising, long the financial mainstay of the web ecosystem, has become nearly ubiquitous in the world of mobile apps. While ad targeting on the web is fairly well understood, mobile ad targeting is much less studied. In this paper, we use empirical methods to collect a database of over 225,000 ads on 32 simulated devices hosting one of three distinct user profiles. We then analyze how the ads are targeted by correlating ads to potential targeting profiles using Bayes' rule and Pearson's chi squared test. This enables us to measure the prevalence of different forms of targeting. We find that nearly all ads show the effects of application- and time-based targeting, while we are able to identify location-based targeting in 43% of the ads and user-based targeting in 39%., Comment: Submitted to USENIX Security 2015
- Published
- 2015
9. Glider: A GPU Library Driver for Improved System Security
- Author
- Sani, Ardalan Amiri, Zhong, Lin, and Wallach, Dan S.
- Subjects
Computer Science - Operating Systems
- Abstract
Legacy device drivers implement both device resource management and isolation. This results in a large code base with a wide high-level interface making the driver vulnerable to security attacks. This is particularly problematic for increasingly popular accelerators like GPUs that have large, complex drivers. We solve this problem with library drivers, a new driver architecture. A library driver implements resource management as an untrusted library in the application process address space, and implements isolation as a kernel module that is smaller and has a narrower lower-level interface (i.e., closer to hardware) than a legacy driver. We articulate a set of device and platform hardware properties that are required to retrofit a legacy driver into a library driver. To demonstrate the feasibility and superiority of library drivers, we present Glider, a library driver implementation for two GPUs of popular brands, Radeon and Intel. Glider reduces the TCB size and attack surface by about 35% and 84% respectively for a Radeon HD 6450 GPU and by about 38% and 90% respectively for an Intel Ivy Bridge GPU. Moreover, it incurs no performance cost. Indeed, Glider outperforms a legacy driver for applications requiring intensive interactions with the device driver, such as applications using the OpenGL immediate mode API.
- Published
- 2014
10. The Mason Test: A Defense Against Sybil Attacks in Wireless Networks Without Trusted Authorities
- Author
- Liu, Yue, Bild, David R., Dick, Robert P., Mao, Z. Morley, and Wallach, Dan S.
- Subjects
Computer Science - Cryptography and Security
- Abstract
Wireless networks are vulnerable to Sybil attacks, in which a malicious node poses as many identities in order to gain disproportionate influence. Many defenses based on spatial variability of wireless channels exist, but depend either on detailed, multi-tap channel estimation - something not exposed on commodity 802.11 devices - or valid RSSI observations from multiple trusted sources, e.g., corporate access points - something not directly available in ad hoc and delay-tolerant networks with potentially malicious neighbors. We extend these techniques to be practical for wireless ad hoc networks of commodity 802.11 devices. Specifically, we propose two efficient methods for separating the valid RSSI observations of behaving nodes from those falsified by malicious participants. Further, we note that prior signalprint methods are easily defeated by mobile attackers and develop an appropriate challenge-response defense. Finally, we present the Mason test, the first implementation of these techniques for ad hoc and delay-tolerant networks of commodity 802.11 devices. We illustrate its performance in several real-world scenarios.
- Published
- 2014
11. Performance Analysis of Location Profile Routing
- Author
- Bild, David R., Liu, Yue, Dick, Robert P., Mao, Z. Morley, and Wallach, Dan S.
- Subjects
Computer Science - Networking and Internet Architecture
- Abstract
We propose using the predictability of human motion to eliminate the overhead of distributed location services in human-carried MANETs, dubbing the technique location profile routing. This method outperforms the Geographic Hashing Location Service when nodes change locations 2x more frequently than they initiate connections (e.g., start new TCP streams), as in applications like text- and instant-messaging. Prior characterizations of human mobility are used to show that location profile routing achieves a 93% delivery ratio with a 1.75x first-packet latency increase relative to an oracle location service.
- Published
- 2014
12. Aggregate Characterization of User Behavior in Twitter and Analysis of the Retweet Graph
- Author
- Bild, David R., Liu, Yue, Dick, Robert P., Mao, Z. Morley, and Wallach, Dan S.
- Subjects
Computer Science - Social and Information Networks, Physics - Physics and Society
- Abstract
Most previous analysis of Twitter user behavior is focused on individual information cascades and the social followers graph. We instead study aggregate user behavior and the retweet graph with a focus on quantitative descriptions. We find that the lifetime tweet distribution is a type-II discrete Weibull stemming from a power law hazard function, the tweet rate distribution, although asymptotically power law, exhibits a lognormal cutoff over finite sample intervals, and the inter-tweet interval distribution is power law with exponential cutoff. The retweet graph is small-world and scale-free, like the social graph, but is less disassortative and has much stronger clustering. These differences are consistent with it better capturing the real-world social relationships of and trust between users. Beyond just understanding and modeling human communication patterns and social networks, applications for alternative, decentralized microblogging systems-both predicting real-world performance and detecting spam-are discussed., Comment: 17 pages, 21 figures
- Published
- 2014
13. A Case of Collusion: A Study of the Interface Between Ad Libraries and their Apps
- Author
- Book, Theodore and Wallach, Dan S.
- Subjects
Computer Science - Cryptography and Security
- Abstract
A growing concern with advertisement libraries on Android is their ability to exfiltrate personal information from their host applications. While previous work has looked at the libraries' abilities to measure private information on their own, advertising libraries also include APIs through which a host application can deliberately leak private information about the user. This study considers a corpus of 114,000 apps. We reconstruct the APIs for 103 ad libraries used in the corpus, and study how the privacy leaking APIs from the top 20 ad libraries are used by the applications. Notably, we have found that app popularity correlates with privacy leakage; the marginal increase in advertising revenue, multiplied over a larger user base, seems to incentivize these app vendors to violate their users' privacy., Comment: 6 pages
- Published
- 2013
14. Automated generation of web server fingerprints
- Author
- Book, Theodore, Witick, Martha, and Wallach, Dan S.
- Subjects
Computer Science - Cryptography and Security, Computer Science - Networking and Internet Architecture
- Abstract
In this paper, we demonstrate that it is possible to automatically generate fingerprints for various web server types using multifactor Bayesian inference on randomly selected servers on the Internet, without building an a priori catalog of server features or behaviors. This makes it possible to conclusively study web server distribution without relying on reported (and variable) version strings. We gather data by sending a collection of specialized requests to 110,000 live web servers. Using only the server response codes, we then train an algorithm to successfully predict server types independently of the server version string. In the process, we note several distinguishing features of current web infrastructure.
- Published
- 2013
15. Longitudinal Analysis of Android Ad Library Permissions
- Author
- Book, Theodore, Pridgen, Adam, and Wallach, Dan S.
- Subjects
Computer Science - Cryptography and Security
- Abstract
This paper investigates changes over time in the behavior of Android ad libraries. Taking a sample of 100,000 apps, we extract and classify the ad libraries. By considering the release dates of the applications that use a specific ad library version, we estimate the release date for the library, and thus build a chronological map of the permissions used by various ad libraries over time. We find that the use of most permissions has increased over the last several years, and that more libraries are able to use permissions that pose particular risks to user privacy and security., Comment: Most 2013
- Published
- 2013
16. The Velocity of Censorship: High-Fidelity Detection of Microblog Post Deletions
- Author
- Zhu, Tao, Phipps, David, Pridgen, Adam, Crandall, Jedidiah R., and Wallach, Dan S.
- Subjects
Computer Science - Computers and Society, Computer Science - Information Retrieval, Computer Science - Social and Information Networks
- Abstract
Weibo and other popular Chinese microblogging sites are well known for exercising internal censorship, to comply with Chinese government requirements. This research seeks to quantify the mechanisms of this censorship: how fast and how comprehensively posts are deleted. Our analysis considered 2.38 million posts gathered over roughly two months in 2012, with our attention focused on repeatedly visiting "sensitive" users. This gives us a view of censorship events within minutes of their occurrence, albeit at a cost of our data no longer representing a random sample of the general Weibo population. We also have a larger 470 million post sampling from Weibo's public timeline, taken over a longer time period, that is more representative of a random sample. We found that deletions happen most heavily in the first hour after a post has been submitted. Focusing on original posts, not reposts/retweets, we observed that nearly 30% of the total deletion events occur within 5-30 minutes. Nearly 90% of the deletions happen within the first 24 hours. Leveraging our data, we also considered a variety of hypotheses about the mechanisms used by Weibo for censorship, such as the extent to which Weibo's censors use retrospective keyword-based censorship, and how repost/retweet popularity interacts with censorship. We also used natural language processing techniques to analyze which topics were more likely to be censored., Comment: arXiv admin note: substantial text overlap with arXiv:1211.6166
- Published
- 2013
17. Tracking and Quantifying Censorship on a Chinese Microblogging Site
- Author
- Zhu, Tao, Phipps, David, Pridgen, Adam, Crandall, Jedidiah R., and Wallach, Dan S.
- Subjects
Computer Science - Information Retrieval, Computer Science - Cryptography and Security, H.3.3, H.3.5, I.2.7
- Abstract
We present measurements and analysis of censorship on Weibo, a popular microblogging site in China. Since we were limited in the rate at which we could download posts, we identified users likely to participate in sensitive topics and recursively followed their social contacts. We also leveraged new natural language processing techniques to pick out trending topics despite the use of neologisms, named entities, and informal language usage in Chinese social media. We found that Weibo dynamically adapts to the changing interests of its users through multiple layers of filtering. The filtering includes both retroactively searching posts by keyword or repost links to delete them, and rejecting posts as they are posted. The trend of sensitive topics is short-lived, suggesting that the censorship is effective in stopping the "viral" spread of sensitive issues. We also give evidence that sensitive topics in Weibo only scarcely propagate beyond a core of sensitive posters.
- Published
- 2012
18. STAR-Vote: A Secure, Transparent, Auditable, and Reliable Voting System
- Author
- Benaloh, Josh, Byrne, Mike, Kortum, Philip, McBurnett, Neal, Pereira, Olivier, Stark, Philip B., and Wallach, Dan S.
- Subjects
Computer Science - Cryptography and Security
- Abstract
In her 2011 EVT/WOTE keynote, Travis County, Texas County Clerk Dana DeBeauvoir described the qualities she wanted in her ideal election system to replace their existing DREs. In response, in April of 2012, the authors, working with DeBeauvoir and her staff, jointly architected STAR-Vote, a voting system with a DRE-style human interface and a "belt and suspenders" approach to verifiability. It provides both a paper trail and end-to-end cryptography using COTS hardware. It is designed to support both ballot-level risk-limiting audits, and auditing by individual voters and observers. The human interface and process flow is based on modern usability research. This paper describes the STAR-Vote architecture, which could well be the next-generation voting system for Travis County and perhaps elsewhere.
- Published
- 2012
19. AdSplit: Separating smartphone advertising from applications
- Author
- Shekhar, Shashi, Dietz, Michael, and Wallach, Dan S.
- Subjects
Computer Science - Operating Systems
- Abstract
A wide variety of smartphone applications today rely on third-party advertising services, which provide libraries that are linked into the hosting application. This situation is undesirable for both the application author and the advertiser. Advertising libraries require additional permissions, resulting in additional permission requests to users. Likewise, a malicious application could simulate the behavior of the advertising library, forging the user's interaction and effectively stealing money from the advertiser. This paper describes AdSplit, where we extended Android to allow an application and its advertising to run as separate processes, under separate user-ids, eliminating the need for applications to request permissions on behalf of their advertising libraries. We also leverage mechanisms from Quire to allow the remote server to validate the authenticity of client-side behavior. In this paper, we quantify the degree of permission bloat caused by advertising, with a study of thousands of downloaded apps. AdSplit automatically recompiles apps to extract their ad services, and we measure minimal runtime overhead. We also observe that most ad libraries just embed an HTML widget within and describe how AdSplit can be designed with this in mind to avoid any need for ads to have native code.
- Published
- 2012
20. #h00t: Censorship Resistant Microblogging
- Author
- Bachrach, Dustin, Nunu, Christopher, Wallach, Dan S., and Wright, Matthew
- Subjects
Computer Science - Cryptography and Security, Computer Science - Social and Information Networks
- Abstract
Microblogging services such as Twitter are an increasingly important way to communicate, both for individuals and for groups through the use of hashtags that denote topics of conversation. However, groups can be easily blocked from communicating through blocking of posts with the given hashtags. We propose #h00t, a system for censorship resistant microblogging. #h00t presents an interface that is much like Twitter, except that hashtags are replaced with very short hashes (e.g., 24 bits) of the group identifier. Naturally, with such short hashes, hashtags from different groups may collide and #h00t users will actually seek to create collisions. By encrypting all posts with keys derived from the group identifiers, #h00t client software can filter out other groups' posts while making such filtering difficult for the adversary. In essence, by leveraging collisions, groups can tunnel their posts in other groups' posts. A censor could not block a given group without also blocking the other groups with colliding hashtags. We evaluate the feasibility of #h00t through traces collected from Twitter, showing that a single modern computer has enough computational throughput to encrypt every tweet sent through Twitter in real time. We also use these traces to analyze the bandwidth and anonymity tradeoffs that would come with different variations on how group identifiers are encoded and hashtags are selected to purposefully collide with one another., Comment: 10 pages, 4 figures. keywords: censorship resistance, twitter, microblogging, covert channels, group anonymity
- Published
- 2011
21. Attacks on Local Searching Tools
- Author
- Nielson, Seth James, Fogarty, Seth J., and Wallach, Dan S.
- Subjects
Computer Science - Cryptography and Security
- Abstract
The Google Desktop Search is an indexing tool, currently in beta testing, designed to allow users fast, intuitive, searching for local files. The principal interface is provided through a local web server which supports an interface similar to Google.com's normal web page. Indexing of local files occurs when the system is idle, and understands a number of common file types. An optional feature is that Google Desktop can integrate a short summary of local search results with Google.com web searches. This summary includes 30-40 character snippets of local files. We have uncovered a vulnerability that would release private local data to an unauthorized remote entity. Using two different attacks, we expose the small snippets of private local data to a remote third party., Comment: Previously unpublished technical report from December 2004
- Published
- 2011
22. Building Better Incentives for Robustness in BitTorrent
- Author
- Nielson, Seth James, Spare, Caleb E., and Wallach, Dan S.
- Subjects
Computer Science - Computer Science and Game Theory, Computer Science - Networking and Internet Architecture
- Abstract
BitTorrent is a widely-deployed, peer-to-peer file transfer protocol engineered with a "tit for tat" mechanism that encourages cooperation. Unfortunately, there is little incentive for nodes to altruistically provide service to their peers after they finish downloading a file, and what altruism there is can be exploited by aggressive clients like BitTyrant. This altruism, called seeding, is always beneficial and sometimes essential to BitTorrent's real-world performance. We propose a new long-term incentives mechanism in BitTorrent to encourage peers to seed and we evaluate its effectiveness via simulation. We show that when nodes running our algorithm reward one another for good behavior in previous swarms, they experience as much as a 50% improvement in download times over unrewarded nodes. Even when aggressive clients, such as BitTyrant, participate in the swarm, our rewarded nodes still outperform them, although by smaller margins., Comment: 14 pages, 11 figures, technical report
- Published
- 2011
23. The BitTorrent Anonymity Marketplace
- Author
- Nielson, Seth James and Wallach, Dan S.
- Subjects
Computer Science - Cryptography and Security
- Abstract
The very nature of operations in peer-to-peer systems such as BitTorrent exposes information about participants to their peers. Nodes desiring anonymity, therefore, often choose to route their peer-to-peer traffic through anonymity relays, such as Tor. Unfortunately, these relays have little incentive for contribution and struggle to scale with the high loads that P2P traffic foists upon them. We propose a novel modification for BitTorrent that we call the BitTorrent Anonymity Marketplace. Peers in our system trade in k swarms obscuring the actual intent of the participants. But because peers can cross-trade torrents, the k-1 cover traffic can actually serve a useful purpose. This creates a system wherein a neighbor cannot determine if a node actually wants a given torrent, or if it is only using it as leverage to get the one it really wants. In this paper, we present our design, explore its operation in simulation, and analyze its effectiveness. We demonstrate that the upload and download characteristics of cover traffic and desired torrents are statistically difficult to distinguish., Comment: 15 page, 6 figure, technical report
- Published
- 2011
24. An Analysis of Chinese Search Engine Filtering
- Author
- Zhu, Tao, Bronk, Christopher, and Wallach, Dan S.
- Subjects
Computer Science - Cryptography and Security
- Abstract
The imposition of government mandates upon Internet search engine operation is a growing area of interest for both computer science and public policy. Users of these search engines often observe evidence of censorship, but the government policies that impose this censorship are not generally public. To better understand these policies, we conducted a set of experiments on major search engines employed by Internet users in China, issuing queries against a variety of different words: some neutral, some with names of important people, some political, and some pornographic. We conducted these queries, in Chinese, against Baidu, Google (including google.cn, before it was terminated), Yahoo!, and Bing. We found remarkably aggressive filtering of pornographic terms, in some cases causing non-pornographic terms which use common characters to also be filtered. We also found that names of prominent activists and organizers as well as top political and military leaders, were also filtered in whole or in part. In some cases, we found search terms which we believe to be "blacklisted". In these cases, the only results that appeared, for any of them, came from a short "whitelist" of sites owned or controlled directly by the Chinese government. By repeating observations over a long observation period, we also found that the keyword blocking policies of the Great Firewall of China vary over time. While our results don't offer any fundamental insight into how to defeat or work around Chinese internet censorship, they are still helpful to understand the structure of how censorship duties are shared between the Great Firewall and Chinese search engines., Comment: 11 pages
- Published
- 2011
25. Quire: Lightweight Provenance for Smart Phone Operating Systems
- Author
- Dietz, Michael, Shekhar, Shashi, Pisetsky, Yuliy, Shu, Anhei, and Wallach, Dan S.
- Subjects
Computer Science - Cryptography and Security
- Abstract
Smartphone apps often run with full privileges to access the network and sensitive local resources, making it difficult for remote systems to have any trust in the provenance of network connections they receive. Even within the phone, different apps with different privileges can communicate with one another, allowing one app to trick another into improperly exercising its privileges (a Confused Deputy attack). In Quire, we engineered two new security mechanisms into Android to address these issues. First, we track the call chain of IPCs, allowing an app the choice of operating with the diminished privileges of its callers or to act explicitly on its own behalf. Second, a lightweight signature scheme allows any app to create a signed statement that can be verified anywhere inside the phone. Both of these mechanisms are reflected in network RPCs, allowing remote systems visibility into the state of the phone when an RPC is made. We demonstrate the usefulness of Quire with two example applications. We built an advertising service, running distinctly from the app which wants to display ads, which can validate clicks passed to it from its host. We also built a payment service, allowing an app to issue a request which the payment service validates with the user. An app cannot forge a payment request by directly connecting to the remote server, nor can the local payment service tamper with the request.
- Published
- 2011
26. Clash Attacks and the STAR-Vote System
- Author
- Pereira, Olivier, Wallach, Dan S., Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Krimmer, Robert, editor, Volkamer, Melanie, editor, Braun Binder, Nadja, editor, Kersting, Norbert, editor, Pereira, Olivier, editor, and Schürmann, Carsten, editor
- Published
- 2017
27. Picking up the trash: Exploiting generational GC for memory analysis
- Author
- Pridgen, Adam, Garfinkel, Simson, and Wallach, Dan S.
- Published
- 2017
28. Users’ Mental Models for Three End-to-End Voting Systems: Helios, Prêt à Voter, and Scantegrity II
- Author
- Acemyan, Claudia Z., Kortum, Philip, Byrne, Michael D., Wallach, Dan S., Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Tryfonas, Theo, editor, and Askoxylakis, Ioannis, editor
- Published
- 2015
29. Building Incentives into Tor
- Author
- “Johnny” Ngan, Tsuen-Wan, Dingledine, Roger, Wallach, Dan S., Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, and Sion, Radu, editor
- Published
- 2010
30. Super-Efficient Aggregating History-Independent Persistent Authenticated Dictionaries
- Author
-
Crosby, Scott A., Wallach, Dan S., Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Sudan, Madhu, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Vardi, Moshe Y., Series editor, Weikum, Gerhard, Series editor, Backes, Michael, editor, and Ning, Peng, editor
- Published
- 2009
31. A Viewpoint: A Memory Safety Manifesto
- Author
-
Wallach, Dan S. and Lord, Bob
- Abstract
Memory safety vulnerabilities, like buffer overflows and use after free, are endemic to the C and C++ programming languages. Despite decades of effort to help programmers find and fix these issues, they nonetheless are exploited with distressing regularity. It’s time for a new approach. This manifesto argues that we must commit to rewriting the world’s software in “safe” languages that eliminate these issues up front. It’s going to take a while, but it’s time to get started.
- Published
- 2024
32. Scrivener: Providing Incentives in Cooperative Content Distribution Systems
- Author
-
Nandi, Animesh, Ngan, Tsuen-Wan “Johnny”, Singh, Atul, Druschel, Peter, Wallach, Dan S., Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Sudan, Madhu, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Vardi, Moshe Y., Series editor, Weikum, Gerhard, Series editor, and Alonso, Gustavo, editor
- Published
- 2005
33. A Taxonomy of Rational Attacks
- Author
-
Nielson, Seth James, Crosby, Scott A., Wallach, Dan S., Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Castro, Miguel, editor, and van Renesse, Robbert, editor
- Published
- 2005
34. Enforcing Fair Sharing of Peer-to-Peer Resources
- Author
-
Ngan, Tsuen-Wan “Johnny”, Wallach, Dan S., Druschel, Peter, Goos, Gerhard, editor, Hartmanis, Juris, editor, van Leeuwen, Jan, editor, Kaashoek, M. Frans, editor, and Stoica, Ion, editor
- Published
- 2003
35. A Survey of Peer-to-Peer Security Issues
- Author
-
Wallach, Dan S., Goos, Gerhard, editor, Hartmanis, Juris, editor, van Leeuwen, Jan, editor, Okada, Mitsuhiro, editor, Pierce, Benjamin C., editor, Scedrov, Andre, editor, Tokuda, Hideyuki, editor, and Yonezawa, Akinori, editor
- Published
- 2003
36. Enforcing Java Run-Time Properties Using Bytecode Rewriting
- Author
-
Rudys, Algis, Wallach, Dan S., Goos, Gerhard, editor, Hartmanis, Juris, editor, van Leeuwen, Jan, editor, Okada, Mitsuhiro, editor, Pierce, Benjamin C., editor, Scedrov, Andre, editor, Tokuda, Hideyuki, editor, and Yonezawa, Akinori, editor
- Published
- 2003
37. Reducing the Energy Usage of Office Applications
- Author
-
Flinn, Jason, de Lara, Eyal, Satyanarayanan, Mahadev, Wallach, Dan S., Zwaenepoel, Willy, Goos, Gerhard, editor, Hartmanis, Juris, editor, van Leeuwen, Jan, editor, and Guerraoui, Rachid, editor
- Published
- 2001
38. Run-Time Support for Distributed Sharing in Typed Languages
- Author
-
Hu, Y. Charlie, Yu, Weimin, Cox, Alan L., Wallach, Dan S., Zwaenepoel, Willy, Goos, Gerhard, editor, Hartmanis, Juris, editor, van Leeuwen, Jan, editor, and Dwarkadas, Sandhya, editor
- Published
- 2000
39. Public Evidence from Secret Ballots
- Author
-
Bernhard, Matthew, primary, Benaloh, Josh, additional, Alex Halderman, J., additional, Rivest, Ronald L., additional, Ryan, Peter Y. A., additional, Stark, Philip B., additional, Teague, Vanessa, additional, Vora, Poorvi L., additional, and Wallach, Dan S., additional
- Published
- 2017
40. Clash Attacks and the STAR-Vote System
- Author
-
Pereira, Olivier, primary and Wallach, Dan S., additional
- Published
- 2017
41. Verification of STAR-Vote and Evaluation of FDR and ProVerif
- Author
-
Moran, Murat, primary and Wallach, Dan S., additional
- Published
- 2017
42. VAULT-Style Risk-Limiting Audits and the Inyo County Pilot
- Author
-
Benaloh, Josh, primary, Foote, Kammi, additional, Stark, Philip B., additional, Teague, Vanessa, additional, and Wallach, Dan S., additional
- Published
- 2021
43. Summative Usability Assessments of STAR-Vote: A Cryptographically Secure e2e Voting System That Has Been Empirically Proven to Be Easy to Use.
- Author
-
Acemyan, Claudia Ziegler, Kortum, Philip, Byrne, Michael D., and Wallach, Dan S.
- Abstract
Background: From the project's inception, STAR-Vote was intended to be one of the first usable, end-to-end (e2e) voting systems with sophisticated security. To realize STAR-Vote, computer security experts, statistical auditors, human factors (HF)/human-computer interaction (HCI) researchers, and election officials collaborated throughout the project and relied upon a user-centered, iterative design and development process, which included human factors research and usability testing, to make certain the system would be both usable and secure. Objective: While best practices in HF/HCI methods for design were used and all apparent usability problems were identified and fixed, summative system usability assessments were conducted toward the end of the user-centered design process to determine whether STAR-Vote is in fact easy to use. Method and Results: After collecting efficiency, effectiveness, and satisfaction measurements per ISO 9241-11's system usability criteria, an analysis of the data revealed that there is evidence for STAR-Vote being the most usable, cryptographically secure voting system to date when compared with the previously tested e2e systems: Helios, Prêt à Voter, and Scantegrity. Conclusion and Application: STAR-Vote being one of the first e2e voting systems that is both highly usable and secure is a significant accomplishment, because tamper-resistant voting systems can be used in U.S. elections to ensure the integrity of the electoral process, while still ensuring that voter intent is accurately reflected in the cast ballots. Moreover, this research empirically shows that a complex, secure system can still be usable-meaning that implemented security is not an excuse for poor usability. [ABSTRACT FROM AUTHOR]
- Published
- 2022
44. Voting system risk assessment via computational complexity analysis.
- Author
-
Wallach, Dan S.
- Subjects
Risk assessment -- Management, Internet voting -- Usage, Voting-machines -- Usage, Elections -- Ethical aspects, Elections -- Prevention, Company business management
- Published
- 2008
45. Robotics-Based Location Sensing Using Wireless Ethernet
- Author
-
Ladd, Andrew M., Bekris, Kostas E., Rudys, Algis, Kavraki, Lydia E., and Wallach, Dan S.
- Published
- 2005
46. Managing the Performance Impact of Web Security
- Author
-
Stubblefield, Adam, Rubin, Aviel D., and Wallach, Dan S.
- Published
- 2005
47. Performance analysis of TLS Web servers
- Author
-
Coarfa, Cristian, Druschel, Peter, and Wallach, Dan S.
- Subjects
Electronic commerce, Internet security, Electronic commerce -- Safety and security measures, Internet -- Safety and security measures, Internet -- Analysis
- Abstract
TLS is the protocol of choice for securing today's e-commerce and online transactions but adding TLS to a Web server imposes a significant overhead relative to an insecure Web server on the same platform. We perform a comprehensive study of the performance costs of TLS. Our methodology is to profile TLS Web servers with trace-driven workloads, replace individual components inside TLS with no-ops, and measure the observed increase in server throughput. We estimate the relative costs of each TLS processing stage, identifying the areas for which future optimizations would be worthwhile. Our results show that while the RSA operations represent the largest performance cost in TLS Web servers, they do not solely account for TLS overhead. RSA accelerators are effective for e-commerce site workloads since they experience low TLS session reuse. Accelerators appear to be less effective for sites where all the requests are handled by a TLS server because they have a higher session reuse rate. In this case, investing in a faster CPU might provide a greater boost in performance. Our experiments show that having a second CPU is at least as useful as an RSA accelerator. Our results seem to suggest that, as CPUs become faster, the cryptographic costs of TLS will become dwarfed by the CPU costs of the nonsecurity aspects of a Web server. Optimizations aimed at general purpose Web servers should continue to be a focus of research and would benefit secure Web servers as well.
Categories and Subject Descriptors: C.2.2 [Computer-Communication Networks]: Network Protocols--Protocol architectures; C.2.4 [Computer-Communication Networks]: Distributed Systems--Client/server; C.4.0 [Performance of Systems]: General--Measurement techniques, performance attributes; D.2.8 [Software Engineering]: Metrics--Performance measures, product metrics; D.4.6 [Operating Systems]: Security and Protection--Access controls, authentication; D.4.8 [Operating Systems]: Performance--Measurements, modeling and prediction
General Terms: Measurement, Performance, Security
Additional Key Words and Phrases: TLS, Internet, e-commerce, RSA accelerator, secure Web servers
- Published
- 2006
48. Iterative Adaptation for mobile clients using existing APIs
- Author
-
De Lara, Eyal, Chopra, Yogesh, Kumar, Rajnish, Vaghela, Nilesh, Wallach, Dan S., and Zwaenepoel, Willy
- Subjects
Application Programming Interface -- Methods, Middleware -- Analysis, Application programming interface, Database middleware, Middleware, Business, Computers, Electronics, Electronics and electrical industries
- Abstract
The extent to which existing APIs can be used for the purposes of adapting document-based Iterative Adaptation applications to run on bandwidth-limited devices is evaluated. A large number of bandwidth adaptations for applications from the Microsoft Office and the OpenOffice productivity suites and for Internet Explorer are implemented.
- Published
- 2005
49. On the feasibility of using wireless ethernet for indoor localization
- Author
-
Ladd, Andrew M., Bekris, Kostas E., Rudys, Algis P., Wallach, Dan S., and Kavraki, Lydia E.
- Subjects
Robotics -- Research
- Abstract
IEEE 802.11b wireless Ethernet is becoming the standard for indoor wireless communication. This paper proposes the use of measured signal strength of Ethernet packets as a sensor for a localization system. We demonstrate that off-the-shelf hardware can accurately be used for location sensing and real-time tracking by applying a Bayesian localization framework. Index Terms--Bayesian inference, sensor fusion, robot localization, wireless Ethernet.
- Published
- 2004
50. Building Incentives into Tor
- Author
-
“Johnny” Ngan, Tsuen-Wan, primary, Dingledine, Roger, additional, and Wallach, Dan S., additional
- Published
- 2010