Including Linux

The Experts below are selected from a list of 8436 Experts worldwide ranked by ideXlab platform

C.a Gough - One of the best experts on this subject based on the ideXlab platform.

  • Web seismic Un∗x: making seismic reflection processing more accessible
    Computers & Geosciences, 1999
    Co-Authors: M.e Templeton, C.a Gough
    Abstract:

    Web Seismic Un∗x is a browser-based user interface for the Seismic Un∗x freeware developed at Colorado School of Mines. The interface allows users to process and display seismic reflection data from any remote platform that runs a graphical Web browser. Users access data and create processing jobs on a remote server by completing form-based Web pages whose Common Gateway Interface scripts are written in Perl. These scripts supply parameters, manage files, call Seismic Un∗x routines and return data plots. The interface was designed for undergraduate commuter students taking geophysics courses who need to: (a) process seismic data and other time series as a class using computers in campus teaching labs and (b) complete course assignments at home. Students from an undergraduate applied geophysics course tested the Web user interface while completing laboratory assignments in which they acquired and processed common-depth-point seismic reflection data into a subsurface image. This freeware, which will be publicly available by summer 1999, was developed and tested on a Solaris 2.5 server and will be ported to other versions of Unix, including Linux.

Gilles Muller - One of the best experts on this subject based on the ideXlab platform.

  • Hector: detecting resource-release omission faults in error-handling code for systems software
    Dependable Systems and Networks, 2013
    Co-Authors: Suman Saha, Jean-pierre Lozi, Julia L. Lawall, Gael Thomas, Gilles Muller
    Abstract:

    Omitting resource-release operations in systems error handling code can lead to memory leaks, crashes, and deadlocks. Finding omission faults is challenging due to the difficulty of reproducing system errors, the diversity of system resources, and the lack of appropriate abstractions in the C language. To address these issues, numerous approaches have been proposed that globally scan a code base for common resource-release operations. Such macroscopic approaches are notorious for their many false positives, while also leaving many faults undetected. We propose a novel microscopic approach to finding resource-release omission faults in systems software. Rather than generalizing from the entire source code, our approach focuses on the error-handling code of each function. Using our tool, Hector, we have found over 370 faults in six systems software projects, including Linux, with a 23% false positive rate. Some of these faults allow an unprivileged malicious user to crash the entire system.

  • Hector: Detecting resource-release omission faults in error-handling code for systems software
    2013
    Co-Authors: Suman Saha, Jean-pierre Lozi, Julia L. Lawall, Gilles Muller
    Abstract:

    Omitting resource-release operations in systems error handling code can lead to memory leaks, crashes, and deadlocks. Finding omission faults is challenging due to the difficulty of reproducing system errors, the diversity of system resources, and the lack of appropriate abstractions in the C language. To address these issues, numerous approaches have been proposed that globally scan a code base for common resource-release operations. Such macroscopic approaches are notorious for their many false positives, while also leaving many faults undetected. We propose a novel microscopic approach to finding resource-release omission faults in systems software. Rather than generalizing from the entire source code, our approach focuses on the error-handling code of each function. Using our tool, Hector, we have found over 370 faults in six systems software projects, including Linux, with a 23% false positive rate. Some of these faults allow an unprivileged malicious user to crash the entire system.

  • DSN - Hector: Detecting Resource-Release Omission Faults in error-handling code for systems software
    2013 43rd Annual IEEE IFIP International Conference on Dependable Systems and Networks (DSN), 2013
    Co-Authors: Suman Saha, Jean-pierre Lozi, Julia L. Lawall, Gael Thomas, Gilles Muller
    Abstract:

    Omitting resource-release operations in systems error handling code can lead to memory leaks, crashes, and deadlocks. Finding omission faults is challenging due to the difficulty of reproducing system errors, the diversity of system resources, and the lack of appropriate abstractions in the C language. To address these issues, numerous approaches have been proposed that globally scan a code base for common resource-release operations. Such macroscopic approaches are notorious for their many false positives, while also leaving many faults undetected. We propose a novel microscopic approach to finding resource-release omission faults in systems software. Rather than generalizing from the entire source code, our approach focuses on the error-handling code of each function. Using our tool, Hector, we have found over 370 faults in six systems software projects, including Linux, with a 23% false positive rate. Some of these faults allow an unprivileged malicious user to crash the entire system.

Zhiqiang Lin - One of the best experts on this subject based on the ideXlab platform.

  • OS-SOMMELIER: Memory-Only Operating System Fingerprinting in the Cloud
    2013
    Co-Authors: Aravind Prakash, Zhiqiang Lin, Heng Yin
    Abstract:

    Precise fingerprinting of an operating system (OS) is critical to many security and virtual machine (VM) management applications in the cloud, such as VM introspection, penetration testing, guest OS administration (e.g., kernel update), kernel dump analysis, and memory forensics. The existing OS fingerprinting techniques primarily inspect network packets or CPU states, and they all fall short in precision and usability. As the physical memory of a VM is always present in all these applications, in this paper, we present OS-SOMMELIER, a memory-only approach for precise and efficient cloud guest OS fingerprinting. Given a physical memory dump of a guest OS, the key idea of OS-SOMMELIER is to compute the kernel code hash for the precise fingerprinting. To achieve this goal, we face two major challenges: (1) how to differentiate the main kernel code from the rest of code and data in the physical memory, and (2) how to normalize the kernel code to deal with practical issues such as address space layout randomization. We have designed and implemented a prototype system to address these challenges. Our experimental results with over 45 OS kernels, including Linux, Windows, FreeBSD, OpenBSD and NetBSD, show that our OS-SOMMELIER can precisely fingerprint all the tested OSes without any false positives or false negatives, and do so within only 2 seconds on average.

  • Bridging the Semantic Gap in Virtual Machine Introspection via Online Kernel Data Redirection
    ACM Transactions on Information and System Security, 2013
    Co-Authors: Zhiqiang Lin
    Abstract:

    It is generally believed to be a tedious, time-consuming, and error-prone process to develop a virtual machine introspection (VMI) tool because of the semantic gap. Recent advance shows that the semantic-gap can be largely narrowed by reusing the executed code from a trusted OS kernel. However, the limitation for such an approach is that it only reuses the exercised code through a training process, which suffers the code coverage issues. Thus, in this article, we present Vmst, a new technique that can seamlessly bridge the semantic gap and automatically generate the VMI tools. The key idea is that, through system wide instruction monitoring, Vmst automatically identifies the introspection related data from a secure-VM and online redirects these data accesses to the kernel memory of a product-VM, without any training. Vmst offers a number of new features and capabilities. Particularly, it enables an in-VM inspection program (e.g., ps) to automatically become an out-of-VM introspection program. We have tested Vmst with over 25 commonly used utilities on top of a number of different OS kernels including Linux and Microsoft Windows. The experimental results show that our technique is general (largely OS-independent), and it introduces 9.3X overhead for Linux utilities and 19.6X overhead for Windows utilities on average for the introspected program compared to the native in-VM execution without data redirection.

  • SoCC - OS-Sommelier: memory-only operating system fingerprinting in the cloud
    Proceedings of the Third ACM Symposium on Cloud Computing - SoCC '12, 2012
    Co-Authors: Aravind Prakash, Zhiqiang Lin, Heng Yin
    Abstract:

    Precise fingerprinting of an operating system (OS) is critical to many security and virtual machine (VM) management applications in the cloud, such as VM introspection, penetration testing, guest OS administration (e.g., kernel update), kernel dump analysis, and memory forensics. The existing OS fingerprinting techniques primarily inspect network packets or CPU states, and they all fall short in precision and usability. As the physical memory of a VM is always present in all these applications, in this paper, we present OS-Sommelier, a memory-only approach for precise and efficient cloud guest OS fingerprinting. Given a physical memory dump of a guest OS, the key idea of OS-Sommelier is to compute the kernel code hash for the precise fingerprinting. To achieve this goal, we face two major challenges: (1) how to differentiate the main kernel code from the rest of code and data in the physical memory, and (2) how to normalize the kernel code to deal with practical issues such as address space layout randomization. We have designed and implemented a prototype system to address these challenges. Our experimental results with over 45 OS kernels, including Linux, Windows, FreeBSD, OpenBSD and NetBSD, show that our OS-Sommelier can precisely fingerprint all the tested OSes without any false positives or false negatives, and do so within only 2 seconds on average.

Heng Yin - One of the best experts on this subject based on the ideXlab platform.

  • OS-SOMMELIER: Memory-Only Operating System Fingerprinting in the Cloud
    2013
    Co-Authors: Aravind Prakash, Zhiqiang Lin, Heng Yin
    Abstract:

    Precise fingerprinting of an operating system (OS) is critical to many security and virtual machine (VM) management applications in the cloud, such as VM introspection, penetration testing, guest OS administration (e.g., kernel update), kernel dump analysis, and memory forensics. The existing OS fingerprinting techniques primarily inspect network packets or CPU states, and they all fall short in precision and usability. As the physical memory of a VM is always present in all these applications, in this paper, we present OS-SOMMELIER, a memory-only approach for precise and efficient cloud guest OS fingerprinting. Given a physical memory dump of a guest OS, the key idea of OS-SOMMELIER is to compute the kernel code hash for the precise fingerprinting. To achieve this goal, we face two major challenges: (1) how to differentiate the main kernel code from the rest of code and data in the physical memory, and (2) how to normalize the kernel code to deal with practical issues such as address space layout randomization. We have designed and implemented a prototype system to address these challenges. Our experimental results with over 45 OS kernels, including Linux, Windows, FreeBSD, OpenBSD and NetBSD, show that our OS-SOMMELIER can precisely fingerprint all the tested OSes without any false positives or false negatives, and do so within only 2 seconds on average.

  • SoCC - OS-Sommelier: memory-only operating system fingerprinting in the cloud
    Proceedings of the Third ACM Symposium on Cloud Computing - SoCC '12, 2012
    Co-Authors: Aravind Prakash, Zhiqiang Lin, Heng Yin
    Abstract:

    Precise fingerprinting of an operating system (OS) is critical to many security and virtual machine (VM) management applications in the cloud, such as VM introspection, penetration testing, guest OS administration (e.g., kernel update), kernel dump analysis, and memory forensics. The existing OS fingerprinting techniques primarily inspect network packets or CPU states, and they all fall short in precision and usability. As the physical memory of a VM is always present in all these applications, in this paper, we present OS-Sommelier, a memory-only approach for precise and efficient cloud guest OS fingerprinting. Given a physical memory dump of a guest OS, the key idea of OS-Sommelier is to compute the kernel code hash for the precise fingerprinting. To achieve this goal, we face two major challenges: (1) how to differentiate the main kernel code from the rest of code and data in the physical memory, and (2) how to normalize the kernel code to deal with practical issues such as address space layout randomization. We have designed and implemented a prototype system to address these challenges. Our experimental results with over 45 OS kernels, including Linux, Windows, FreeBSD, OpenBSD and NetBSD, show that our OS-Sommelier can precisely fingerprint all the tested OSes without any false positives or false negatives, and do so within only 2 seconds on average.

M.e Templeton - One of the best experts on this subject based on the ideXlab platform.

  • Web seismic Un∗x: making seismic reflection processing more accessible
    Computers & Geosciences, 1999
    Co-Authors: M.e Templeton, C.a Gough
    Abstract:

    Web Seismic Un∗x is a browser-based user interface for the Seismic Un∗x freeware developed at Colorado School of Mines. The interface allows users to process and display seismic reflection data from any remote platform that runs a graphical Web browser. Users access data and create processing jobs on a remote server by completing form-based Web pages whose Common Gateway Interface scripts are written in Perl. These scripts supply parameters, manage files, call Seismic Un∗x routines and return data plots. The interface was designed for undergraduate commuter students taking geophysics courses who need to: (a) process seismic data and other time series as a class using computers in campus teaching labs and (b) complete course assignments at home. Students from an undergraduate applied geophysics course tested the Web user interface while completing laboratory assignments in which they acquired and processed common-depth-point seismic reflection data into a subsurface image. This freeware, which will be publicly available by summer 1999, was developed and tested on a Solaris 2.5 server and will be ported to other versions of Unix, including Linux.