default search action
SecDev 2018: Cambridge, MA, USA
- 2018 IEEE Cybersecurity Development, SecDev 2018, Cambridge, MA, USA, September 30 - October 2, 2018. IEEE Computer Society 2018, ISBN 978-1-5386-7662-2
Paper Session 1: Best Practices of Security
- Toby C. Murray, Paul C. van Oorschot:
BP: Formal Proofs, the Fine Print and Side Effects. 1-10 - Lok K. Yan, Benjamin Price, Michael Zhivich, Brian Caswell, Christopher Eagle, Michael Frantzen, Holt Sorenson, Michael Thompson, Timothy Vidas, Jason Wright, Vernon Rivet, Samuel Colt VanWinkle, Clark Wood:
BP: DECREE: A Platform for Repeatable and Reproducible Security Experiments. 11-20 - Vaishnavi Mohan, Lotfi Ben Othmane, Andre Kres:
BP: Security Concerns and Best Practices for Automation of Software Deployment Processes: An Industrial Case Study. 21-28
Paper Session 2: Data Access Security
- Amir Rahmati
, Earlence Fernandes, Kevin Eykholt
Tyche: A Risk-Based Permission Model for Smart Homes. 29-36 - Will Snavely, William Klieber, Ryan Steele, David Svoboda, Andrew Kotov:
Detecting Leaks of Sensitive Data Due to Stale Reads. 37-44 - Xiaoyu Hu, Jie Zhou, Spyridoula Gravani
Transforming Code to Drop Dead Privileges. 45-52
Paper Session 3: Secure Coding and Analysis
- Archibald Samuel Elliott, Andrew Ruef, Michael Hicks, David Tarditi:
Checked C: Making C Safe by Extension. 53-60 - Darius Foo, Ming Yi Ang, Jason Yeo, Asankhaya Sharma:
SGL: A Domain-Specific Language for Large-Scale Analysis of Open-Source Code. 61-68 - Alexander van Den Berghe, Koen Yskout
A Lingua Franca for Security by Design. 69-76
Paper Session 4: Software and System Development
- Sonja Glumich, Juanita Riley, E. Paul Ratazzi
BP: Integrating Cyber Vulnerability Assessments Earlier into the Systems Development Lifecycle: A Methodology to Conduct Early-Cycle Cyber Vulnerability Assessments. 77-84 - Charles Weir, Lynne Blair, Ingolf Becker, M. Angela Sasse, James Noble
Light-Touch Interventions to Improve Software Development Security. 85-93
Paper Session 5: Vulnerability Assessment
- Hang Hu, Peng Peng, Gang Wang:
Towards Understanding the Adoption of Anti-Spoofing Protocols in Email Systems. 94-101 - Ronald Gil, Hamed Okhravi, Howard E. Shrobe:
There's a Hole in the Bottom of the C: On the Effectiveness of Allocation Protection. 102-109 - Christopher Theisen, Hyunwoo Sohn, Dawson Tripp, Laurie A. Williams:
BP: Profiling Vulnerabilities on the Attack Surface. 110-119
Tutorial Session
- Chengjun Cai
Tutorial: Building Secure and Trustworthy Blockchain Applications. 120-121 - Sazzadur Rahaman, Na Meng, Danfeng Yao
Tutorial: Principles and Practices of Secure Crypto Coding in Java. 122-123 - Elisa Heymann, Barton P. Miller:
Tutorial: Secure Coding Practices, Automated Assessment Tools and the SWAMP. 124-125 - Allan Blanchard, Nikolai Kosmatov, Frédéric Loulergue
Tutorial: Secure Your Things: Secure Development of IoT Software with Frama-C. 126-127 - Mike Dodds, Stephen Magill, Aaron Tomb:
Tutorial: Continuous Verification of Critical Software. 128-129 - Peter Goodman, Gustavo Grieco, Alex Groce:
Tutorial: DeepState: Bringing Vulnerability Detection Tools into the Development Cycle. 130-131 - Fabian Monrose, Jan Werner:
Tutorial: Parry and RIPOSTE: Honing Cybersecurity Skills with Challenge-Based Exercises. 132-133
Practitioners' Session 1: Enterprise Threat Modeling
- François Gauthier, Nathan Keynes, Nicholas Allen, Diane Corney, Padmanabhan Krishnan:
Scalable Static Analysis to Detect Security Vulnerabilities: Challenges and Solutions. 134 - Danny Dhillon, Vishal Mishra:
Applied Threat Driven Security Verification. 135 - Altaz Valani:
Rethinking Secure DevOps Threat Modeling: The Need for a Dual Velocity Approach. 136 - Raghudeep Kannavara, Jacob Vangore, William Roberts, Marcus Lindholm, Priti Shrivastav:
Automating Threat Intelligence for SDL. 137
Practitioners' Session 2: New Security Needs and Approaches
- J. Sukarno Mertoguno, Ryan Craven, Daniel Koller, Matthew S. Mickelson:
Reducing Attack Surface via Executable Transformation. 138 - Jason H. Li, Douglas Schafer, David Whelihan, Stefano Lassini, Nicholas Evancich, Kyung Joon Kwak, Michael Vai, Haley Whitman:
Designing Secure and Resilient Embedded Avionics Systems. 139 - Tim McBride, Anne Townsend, Michael Ekstrom, Lauren Lusty, Julian Sexton:
Data Integrity: Recovering from Ransomware and Other Destructive Events. 140 - Andrea Arbelaez, Sallie Edwards, Kevin Littlefield, Sue Wang, Kangmin Zheng:
Securing Wireless Infusion Pumps. 141 - Xuan Tang:
Best Practice for Developing Secure and Trusted Enterprise Storage & Computing Products. 142 - Hasan Yasar:
Experiment: Sizing Exposed Credentials in GitHub Public Repositories for CI/CD. 143
manage site settings
To protect your privacy, all features that rely on external API calls from your browser are turned off by default. You need to opt-in for them to become active. All settings here will be stored as cookies with your web browser. For more information see our F.A.Q.
last updated on 2024-12-16 22:15 CET by the dblp team
all metadata released as open data under CC0 1.0 license
see also: Terms of Use | Privacy Policy | Imprint
dblp was originally created in 1993 at:
since 2018, dblp has been operated and maintained by:
the dblp computer science bibliography is funded and supported by: