Description |
1 online resource (xviii, 543 pages) : illustrations |
Series |
Lecture Notes in Computer Science, 0302-9743 ; 9326 |
|
Lecture notes in computer science ; 9326. 0302-9743
|
Contents |
Intro; Foreword; Organization; Contents -- Part I; Contents -- Part II; Networks and Web Security; Towards Security of Internet Naming Infrastructure; 1 Introduction; 2 Related Work; 2.1 Understanding the DNS Infrastructure; 2.2 Misconfigured Networks; 2.3 DNS Security; 3 Studying DNS Name Servers; 3.1 Recursive Authoritative Name Servers; 3.2 Why Use Server-Side Caches?; 3.3 Who Operates and Uses RANS?; 3.4 Methodology for Detecting RANSes; 4 Evaluating (in)Security of RANSes; 4.1 Services Coresidence; 4.2 Source Port Randomisation; 4.3 DNSSEC; 4.4 Implications of Vulnerable RANSes |
|
5 ConclusionsA Overview: DNS and DNSSEC; References; Waiting for CSP -- Securing Legacy Web Applications with JSAgents; 1 Introduction; 2 Related Work; 3 JSAgents Architecture; 3.1 Building Blocks; 3.2 JSAgents Core Library; 3.3 JSAgents Modules; 3.4 JSAgents Policy Files; 4 Security Evaluation; 5 Performance Evaluation; 6 Future Work; A Comparable Approaches; A.1 From XSS Filters to CSP 1.0; A.2 Content Security Policy; References; Analyzing the BrowserID SSO System with Primary Identity Providers Using an Expressive Model of the Web; 1 Introduction; 2 The Web Model; 2.1 Communication Model |
|
2.2 Web System2.3 Web Browsers; 3 General Security Properties; 4 The BrowserID System; 4.1 Overview; 4.2 Implementation Details; 5 Analysis of BrowserID: Authentication Properties; 5.1 Modeling of BrowserID with Primary IdPs; 5.2 Authentication Properties of the BrowserID System; 5.3 Identity Injection Attack on BrowserID with Primary IdPs; 5.4 Security of the Fixed System; 6 Privacy of BrowserID; 6.1 Privacy Attacks on BrowserID; 6.2 Fixing the Privacy of BrowserID; 7 Related Work; 8 Conclusion; A Browser Model; A.1 Browser State: Zp and sp0; A.2 Web Browser Relation Rp |
|
B Additional Privacy Attack VariantsReferences; System Security; A Practical Approach for Adaptive Data Structure Layout Randomization; 1 Introduction; 2 Overview; 2.1 Threat Model; 2.2 System Overview; 3 Design and Implementation of SALADS; 3.1 Extraction Component; 3.2 Randomization Component; 3.3 De-randomization Component; 3.4 Other Practical Issues; 4 Evaluation; 4.1 Effectiveness of DSSR Application Programs; 4.2 Effectiveness of DSSR Kernel and DSSR Hypervisor; 4.3 Performance Overhead; 4.4 Memory Overhead; 5 Discussion; 5.1 Analysis of Effectiveness; 5.2 Limitations; 6 Related Work |
|
7 ConclusionA Details of Lmbench Results; References; Trustworthy Prevention of Code Injection in Linux on Embedded Devices; 1 Introduction; 2 Background; 2.1 The Prosper Hypervisor; 2.2 The Attack Model; 2.3 Formal Model of the Hypervisor; 3 Design; 4 Formal Model of MProsper; 5 Verification Strategy; 6 Evaluation; 7 Related Work; 8 Concluding Remarks; References; Practical Memory Deduplication Attacks in Sandboxed Javascript; 1 Introduction; 2 Background; 2.1 Shared Memory; 2.2 Page-Deduplication Attacks; 3 Description of Our Javascript-Based Attack; 4 Practical Attacks and Evaluation |
Summary |
The two-volume set, LNCS 9326 and LNCS 9327 constitutes the refereed proceedings of the 20th European Symposium on Research in Computer Security, ESORICS 2015, held in Vienna, Austria, in September 2015. The 59 revised full papers presented were carefully reviewed and selected from 298 submissions. The papers address issues such as networks and Web security; system security; crypto application and attacks; risk analysis; privacy; cloud security; protocols and attribute-based encryption; code analysis and side-channels; detection and monitoring; authentication; policies; and applied security |
Notes |
English |
Subject |
Computer security -- Congresses
|
|
Computer science.
|
|
Electronic Data Processing
|
|
Computer science
|
|
Computer security
|
Genre/Form |
dictionaries.
|
|
proceedings (reports)
|
|
Dictionaries
|
|
Conference papers and proceedings
|
|
Dictionaries.
|
|
Conference papers and proceedings.
|
|
Dictionnaires.
|
|
Actes de congrès.
|
Form |
Electronic book
|
Author |
Pernul, Günther, 1961- editor.
|
|
Ryan, Peter, 1957- editor
|
|
Weippl, Edgar R., editor.
|
ISBN |
9783319241746 |
|
3319241745 |
|