Casen Hunger scite author profile

Casen Hunger

4Publications

42Citation Statements Received

108Citation Statements Given

How they've been cited

How they cite others

161

108

Affiliations

The University of Texas at Austin

Publications

Order By: Most citations

Understanding contention-based channels and using them for defense

Hunger

Kazdagli

Rawat

et al. 2015

View full text Add to dashboard Cite

Microarchitectural resources such as caches and predictors can be used to leak information across security domains. Significant prior work has demonstrated attacks and defenses for specific types of such microarchitectural side and covert channels. In this paper, we introduce a general mathematical study of microarchitectural channels using information theory. Our conceptual contribution is a simple mathematical abstraction that captures the common characteristics of all microarchitectural channels. We call this the Bucket model and it reveals that microarchitectural channels are fundamentally different from side and covert channels in networking.We then quantify the communication capacity of several microarchitectural covert channels (including channels that rely on performance counters, AES hardware and memory buses) and measure bandwidths across both KVM based heavy-weight virtualization and light-weight operating-system level isolation. We demonstrate channel capacities that are orders of magnitude higher compared to what was previously considered possible.Finally, we introduce a novel way of detecting intelligent adversaries that try to hide while running covert channel eavesdropping attacks. Our method generalizes a prior detection scheme (that modeled static adversaries) by introducing noise that hides the detection process from an intelligent eavesdropper. 639978-1-4799-8930-0/15/$31.00 ©2015 IEEE

show abstract

DATS - Data Containers for Web Applications

Hunger

Vilanova

Papamanthou

et al. 2018

View full text Add to dashboard Cite

Data containers enable users to control access to their data while untrusted applications compute on it. However, they require replicating an application inside each containercompromising functionality, programmability, and performance. We propose DATS-a system to run web applications that retains application usability and efficiency through a mix of hardware capability enhanced containers and the introduction of two new primitives modeled after the popular model-view-controller (MVC) pattern. (1) DATS introduces a templating language to create views that compose data across data containers. (2) DATS uses authenticated storage and confinement to enable an untrusted storage service, such as memcached and deduplication, to operate on plain-text data across containers. These two primitives act as robust declassifiers that allow DATS to enforce non-interference across containers, taking large applications out of the trusted computing base (TCB). We showcase eight different web applications including Gitlab and a Slack-like chat, significantly improve the worstcase overheads due to application replication, and demonstrate usable performance for common-case usage.

show abstract

DATS - Data Containers for Web Applications

et al. 2018

View full text Add to dashboard Cite

show abstract

ACHyb: a hybrid analysis approach to detect kernel access control vulnerabilities

Yang

Wang

Hunger

et al. 2021

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Casen Hunger

Understanding contention-based channels and using them for defense

DATS - Data Containers for Web Applications

DATS - Data Containers for Web Applications

ACHyb: a hybrid analysis approach to detect kernel access control vulnerabilities

Contact Info

Product

Resources

About