39,513 research outputs found
KASR: A Reliable and Practical Approach to Attack Surface Reduction of Commodity OS Kernels
Commodity OS kernels have broad attack surfaces due to the large code base
and the numerous features such as device drivers. For a real-world use case
(e.g., an Apache Server), many kernel services are unused and only a small
amount of kernel code is used. Within the used code, a certain part is invoked
only at runtime while the rest are executed at startup and/or shutdown phases
in the kernel's lifetime run. In this paper, we propose a reliable and
practical system, named KASR, which transparently reduces attack surfaces of
commodity OS kernels at runtime without requiring their source code. The KASR
system, residing in a trusted hypervisor, achieves the attack surface reduction
through a two-step approach: (1) reliably depriving unused code of executable
permissions, and (2) transparently segmenting used code and selectively
activating them. We implement a prototype of KASR on Xen-4.8.2 hypervisor and
evaluate its security effectiveness on Linux kernel-4.4.0-87-generic. Our
evaluation shows that KASR reduces the kernel attack surface by 64% and trims
off 40% of CVE vulnerabilities. Besides, KASR successfully detects and blocks
all 6 real-world kernel rootkits. We measure its performance overhead with
three benchmark tools (i.e., SPECINT, httperf and bonnie++). The experimental
results indicate that KASR imposes less than 1% performance overhead (compared
to an unmodified Xen hypervisor) on all the benchmarks.Comment: The work has been accepted at the 21st International Symposium on
Research in Attacks, Intrusions, and Defenses 201
Bounded Situation Calculus Action Theories
In this paper, we investigate bounded action theories in the situation
calculus. A bounded action theory is one which entails that, in every
situation, the number of object tuples in the extension of fluents is bounded
by a given constant, although such extensions are in general different across
the infinitely many situations. We argue that such theories are common in
applications, either because facts do not persist indefinitely or because the
agent eventually forgets some facts, as new ones are learnt. We discuss various
classes of bounded action theories. Then we show that verification of a
powerful first-order variant of the mu-calculus is decidable for such theories.
Notably, this variant supports a controlled form of quantification across
situations. We also show that through verification, we can actually check
whether an arbitrary action theory maintains boundedness.Comment: 51 page
A Logic Programming Approach to Knowledge-State Planning: Semantics and Complexity
We propose a new declarative planning language, called K, which is based on
principles and methods of logic programming. In this language, transitions
between states of knowledge can be described, rather than transitions between
completely described states of the world, which makes the language well-suited
for planning under incomplete knowledge. Furthermore, it enables the use of
default principles in the planning process by supporting negation as failure.
Nonetheless, K also supports the representation of transitions between states
of the world (i.e., states of complete knowledge) as a special case, which
shows that the language is very flexible. As we demonstrate on particular
examples, the use of knowledge states may allow for a natural and compact
problem representation. We then provide a thorough analysis of the
computational complexity of K, and consider different planning problems,
including standard planning and secure planning (also known as conformant
planning) problems. We show that these problems have different complexities
under various restrictions, ranging from NP to NEXPTIME in the propositional
case. Our results form the theoretical basis for the DLV^K system, which
implements the language K on top of the DLV logic programming system.Comment: 48 pages, appeared as a Technical Report at KBS of the Vienna
University of Technology, see http://www.kr.tuwien.ac.at/research/reports
The Optimal Rubbling Number of Ladders, Prisms and M\"obius-ladders
A pebbling move on a graph removes two pebbles at a vertex and adds one
pebble at an adjacent vertex. Rubbling is a version of pebbling where an
additional move is allowed. In this new move, one pebble each is removed at
vertices and adjacent to a vertex , and an extra pebble is added at
vertex . A vertex is reachable from a pebble distribution if it is possible
to move a pebble to that vertex using rubbling moves. The optimal rubbling
number is the smallest number needed to guarantee a pebble distribution of
pebbles from which any vertex is reachable. We determine the optimal
rubbling number of ladders (), prisms () and
M\"oblus-ladders
On the testability of SDL specifications
The problem of testing from an SDL specification is often complicated by the presence of infeasible paths. This paper introduces an approach for transforming a class of SDL specification in order to eliminate or reduce the infeasible path problem. This approach is divided into two phases in order to aid generality. First the SDL specification is rewritten to create a normal form extended finite state machine (NF-EFSM). This NF-EFSM is then expanded in order to produce a state machine in which the test criterion may be satisfied using paths that are known to be feasible. The expansion process is guaranteed to terminate. Where the expansion process may lead to an excessively large state machine, this process may be terminated early and feasible paths added. The approach is illustrated through being applied to the Initiator process of the Inres protocol
The MC@NLO 4.0 Event Generator
This is the user's manual of MC@NLO 4.0. This package is a practical
implementation, based upon the Fortran HERWIG and Herwig++ event generators, of
the MC@NLO formalism, which allows one to incorporate NLO QCD matrix elements
consistently into a parton shower framework. Processes available in this
version include the hadroproduction of single vector and Higgs bosons, vector
boson pairs, heavy quark pairs, single top, single top in association with a W,
single top in association with a charged Higgs in type I or II 2HDM models,
lepton pairs, and Higgs bosons in association with a W or Z. Spin correlations
are included for all processes except ZZ production. This document is
self-contained, but we emphasise the main differences with respect to previous
versions.Comment: 36 pages, no figure
- …