By Topic

IEEE Transactions on Dependable and Secure Computing

Issue 2 • April-June 2010

Filter Results

Displaying Results 1 - 13 of 13
  • [Front cover]

    Publication Year: 2010, Page(s): c1
    Request permission for commercial reuse | PDF file iconPDF (108 KB)
    Freely Available from IEEE
  • [Inside front cover]

    Publication Year: 2010, Page(s): c2
    Request permission for commercial reuse | PDF file iconPDF (136 KB)
    Freely Available from IEEE
  • An Advanced Hybrid Peer-to-Peer Botnet

    Publication Year: 2010, Page(s):113 - 127
    Cited by:  Papers (73)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1424 KB) | HTML iconHTML

    A “botnet” consists of a network of compromised computers controlled by an attacker (“botmaster”). Recently, botnets have become the root cause of many Internet attacks. To be well prepared for future attacks, it is not enough to study how to detect and defend against the botnets that have appeared in the past. More importantly, we should study advanced botnet designs t... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Rigorous, Compositional, and Extensible Framework for Dynamic Fault Tree Analysis

    Publication Year: 2010, Page(s):128 - 143
    Cited by:  Papers (23)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (2407 KB) | HTML iconHTML Multimedia Media

    Fault trees (FTs) are among the most prominent formalisms for reliability analysis of technical systems. Dynamic FTs extend FTs with support for expressing dynamic dependencies among components. The standard analysis vehicle for DFTs is state-based, and treats the model as a continuous-time Markov chain (CTMC). This is not always possible, as we will explain, since some DFTs allow multiple interpr... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Conformance Testing of Temporal Role-Based Access Control Systems

    Publication Year: 2010, Page(s):144 - 158
    Cited by:  Papers (17)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (2565 KB) | HTML iconHTML Multimedia Media

    We propose an approach for conformance testing of implementations required to enforce access control policies specified using the Temporal Role-Based Access Control (TRBAC) model. The proposed approach uses Timed Input-Output Automata (TIOA) to model the behavior specified by a TRBAC policy. The TIOA model is transformed to a deterministic se-FSA model that captures any temporal constraint by usin... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Dual-Quorum: A Highly Available and Consistent Replication System for Edge Services

    Publication Year: 2010, Page(s):159 - 174
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (2861 KB) | HTML iconHTML

    This paper introduces dual-quorum replication, a novel data replication algorithm designed to support Internet edge services. Edge services allow clients to access Internet services via distributed edge servers that operate on a shared collection of underlying data. Although it is generally difficult to share data while providing high availability, good performance, and strong consistency, replica... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • In-Depth Packet Inspection Using a Hierarchical Pattern Matching Algorithm

    Publication Year: 2010, Page(s):175 - 188
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (2920 KB) | HTML iconHTML

    Detection engines capable of inspecting packet payloads for application-layer network information are urgently required. The most important technology for fast payload inspection is an efficient multipattern matching algorithm, which performs exact string matching between packets and a large set of predefined patterns. This paper proposes a novel Enhanced Hierarchical Multipattern Matching Algorit... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Shifting Inference Control to User Side: Architecture and Protocol

    Publication Year: 2010, Page(s):189 - 202
    Cited by:  Papers (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1596 KB) | HTML iconHTML

    Inference has been a longstanding issue in database security, and inference control, aiming to curb inference, provides an extra line of defense to the confidentiality of databases by complementing access control. However, in traditional inference control architecture, database server is a crucial bottleneck, as it enforces highly computation-intensive auditing for all users who query the protecte... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Using Web-Referral Architectures to Mitigate Denial-of-Service Threats

    Publication Year: 2010, Page(s):203 - 216
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1463 KB) | HTML iconHTML

    The web is a complicated graph, with millions of websites interlinked together. In this paper, we propose to use this web sitegraph structure to mitigate flooding attacks on a website, using a new web referral architecture for privileged service (“WRAPS”). WRAPS allows a legitimate client to obtain a privilege URL through a simple click on a referral hyperlink, from a website trusted... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • On the Thermal Attack in Instruction Caches

    Publication Year: 2010, Page(s):217 - 223
    Cited by:  Papers (6)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (2423 KB) | HTML iconHTML

    The instruction cache has been recognized as one of the least hot units in microprocessors, which leaves the instruction cache largely ignored in on-chip thermal management. Consequently, thermal sensors are not allocated near the instruction cache. However, malicious codes can exploit the deficiency in this empirical design and heat up fine-grain localized hotspots in the instruction cache, which... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • IEEE Computer Society OnlinePlus [advertisement]

    Publication Year: 2010, Page(s): 224
    Request permission for commercial reuse | PDF file iconPDF (232 KB)
    Freely Available from IEEE
  • TDSC Information for authors

    Publication Year: 2010, Page(s): c3
    Request permission for commercial reuse | PDF file iconPDF (136 KB)
    Freely Available from IEEE
  • [Back cover]

    Publication Year: 2010, Page(s): c4
    Request permission for commercial reuse | PDF file iconPDF (108 KB)
    Freely Available from IEEE

Aims & Scope

The purpose of TDSC is to publish papers in dependability and security, including the joint consideration of these issues and their interplay with system performance.

Full Aims & Scope

Meet Our Editors

Editor-in-Chief
Elisa Bertino
CS Department
Purdue University