Rodrigo Branco scite author profile

Rodrigo Branco

4Publications

8Citation Statements Received

3Citation Statements Given

How they've been cited

How they cite others

Affiliations

Oregon State University, Intel (United States), Instituto Tecnológico de Aeronáutica

Publications

Order By: Most citations

Security Issues and Challenges for Virtualization Technologies

2020

View full text Add to dashboard Cite

Virtualization-based technologies have become ubiquitous in computing. While they provide an easy-to-implement platform for scalable, high-availability services, they also introduce new security issues. Traditionally, discussions on security vulnerabilities in server platforms have been focused on stand-alone (i.e., non-virtualized) environments. For cloud and virtualized platforms, the discussion focuses on the shared usage of resources and the lack of control over the infrastructure. However, the impact virtualization technologies can have on exploit mitigation mechanisms of host machines is often neglected. Therefore, this survey discusses the following issues: first, the security issues and challenges that are introduced by the migration from stand-alone solutions to virtualized environments—special attention is given to the Virtual Machine Monitor, since it is a core component in a virtualized solution; second, the impact (sometimes negative) that these new technologies have on existing security strategies for hosts; third, how virtualization technologies can be leveraged to provide new security mechanisms not previously available.; and, finally, how virtualization technologies can be used for malicious purposes.

show abstract

A Mathematical Modeling of Exploitations and Mitigation Techniques Using Set Theory

Branco

Kawakami

et al. 2018

View full text Add to dashboard Cite

One of the most challenging problems in computer security is formalization of vulnerabilities, exploits, mitigations and their relationship. In spite of various existing researches and theories, a mathematical model that can be used to quantitatively represent and analyze exploit complexity and mitigation effectiveness is still in absence.In this work, we introduce a novel way of modeling exploits and mitigation techniques with mathematical concepts from set theory and big O notation. The proposed model establishes formulaic relationships between exploit primitives and exploit objectives, and enables the quantitative evaluation of vulnerabilities and security features in a system. We demonstrate the application of this model with two real world mitigation techniques. It serves as the first step toward a comprehensive mathematical understanding and modeling of exploitations and mitigations, which will largely benefit and facilitate the practice of system security assessment.

show abstract

Architecture for automation of malware analysis

Branco

Shamir

2010

View full text Add to dashboard Cite

Blinded random corruption attacks

Branco

Gueron

2016

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Rodrigo Branco

Security Issues and Challenges for Virtualization Technologies

A Mathematical Modeling of Exploitations and Mitigation Techniques Using Set Theory

Architecture for automation of malware analysis

Blinded random corruption attacks

Contact Info

Product

Resources

About