Publications tagged "security"

Journal, Conference, and Workshop Papers

2015

Checking Interaction-Based Declassification Policies for Android Using Symbolic Execution
Kristopher Micinski, Jonathan Fetter-Degges, Jinseong Jeon, Jeffrey S. Foster, and Michael R. Clarkson
In European Symposium on Research in Computer Security (ESORICS), volume 9327 of Lecture Notes in Computer Science, pages 520–538, Vienna, Austria, September 2015.
tags: android, security, symbolic exec
[ bibtex | doi ]

2013

An Empirical Study of Location Truncation on Android
Kristopher Micinski, Philip Phelps, and Jeffrey S. Foster
In Mobile Security Technologies (MoST), San Francisco, CA, May 2013.
tags: android, security
[ bibtex ]

2012

Dr. Android and Mr. Hide: Fine-grained Permissions in Android Applications
Jinseong Jeon, Kristopher K. Micinski, Jeffrey A. Vaughan, Ari Fogel, Nikhilesh Reddy, Jeffrey S. Foster, and Todd Millstein
In ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM), pages 3–14, Raleigh, NC, USA, October 2012.
tags: analysis, android, security
[ bibtex | doi ]

2010

Symbolic Security Analysis of Ruby-on-Rails Web Applications
Avik Chaudhuri and Jeffrey S. Foster
In Proceedings of the 17th ACM Conference on Computer and Communications Security (CCS), pages 585–594, Chicago, IL, USA, October 2010.
tags: analysis, dyn langs, security, symbolic exec
[ bibtex | doi ]

2008

Rule-Based Static Analysis of Network Protocol Implementations
Octavian Udrea, Cristian Lumezanu, and Jeffrey S. Foster
Information and Computation, Joint Workshop on Foundations of Computer Security and Automated Reasoning for Security Protocol Analysis (FCS-ARSPA'06), 206(2-4):130–157, February/April 2008.
tags: analysis, security
[ bibtex | doi ]

2006

Flow-Insensitive Type Qualifiers
Jeffrey S. Foster, Robert Johnson, John Kodumal, and Alex Aiken
ACM Transactions of Programming Languages and Systems (TOPLAS), 28(6):1035–1087, November 2006.
tags: analysis, quals, security, types
[ bibtex | doi ]

2002

Type Qualifiers: Lightweight Specifications to Improve Software Quality
Jeffrey Scott Foster
PhD thesis, University of California, Berkeley, December 2002.
tags: analysis, quals, security, types
[ bibtex ]

2001

Detecting Format String Vulnerabilities with Type Qualifiers
Umesh Shankar, Kunal Talwar, Jeffrey S. Foster, and David Wagner
In Proceedings of the 10th USENIX Security Symposium, pages 201–218, Washington, D.C., August 2001.
tags: analysis, quals, security, types
[ bibtex ]

2000

A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities
David Wagner, Jeffrey S. Foster, Eric A. Brewer, and Alexander Aiken
In Networking and Distributed System Security Symposium (NDSS), San Diego, California, February 2000.
tags: analysis, security
[ bibtex ]

Technical Reports

Checking Interaction-Based Declassification Policies for Android Using Symbolic Execution
Kristopher Micinski, Jonathan Fetter-Degges, Jinseong Jeon, Jeffrey S. Foster, and Michael R. Clarkson
Technical Report arXiv:1504.03711, CoRR, July 2015.
tags: android, security
[ bibtex ]

SymDroid: Symbolic Execution for Dalvik Bytecode
Jinseong Jeon, Kristopher K. Micinski, and Jeffrey S. Foster
Technical Report CS-TR-5022, Department of Computer Science, University of Maryland, College Park, July 2012.
tags: android, security, symbolic exec
[ bibtex | doi ]

Dr. Android and Mr. Hide: Fine-grained security policies on unmodified Android
Jinseong Jeon, Kristopher K. Micinski, Jeffrey A. Vaughan, Nikhilesh Reddy, Yixin Zhu, Jeffrey S. Foster, and Todd Millstein
Technical Report CS-TR-5006, Department of Computer Science, University of Maryland, College Park, December 2011.
tags: android, security
[ bibtex | doi ]

Application-centric security policies on unmodified Android
Nikhilesh Reddy, Jinseong Jeon, Jeffrey A. Vaughan, Todd Millstein, and Jeffrey S. Foster
Technical Report UCLA TR 110017, University of California, Los Angeles, Computer Science Department, July 2011.
tags: android, security
[ bibtex ]

SCanDroid: Automated Security Certification of Android Applications
Adam P. Fuchs, Avik Chaudhuri, and Jeffrey S. Foster
Technical Report CS-TR-4991, Department of Computer Science, University of Maryland, College Park, November 2009.
tags: analysis, android, security
[ bibtex | doi ]

Types for Lexically-Scoped Access Control
Tachio Terauchi, Alex Aiken, and Jeffrey S. Foster
Technical Report CSD-03-1282, Computer Science Division, University of California, Berkeley, October 2003.
tags: security, types
[ bibtex ]