A Flexible Framework for Expediting Bug Finding by Leveraging Past (Mis-)Behavior to Discover New Bugs

Das, Sanjeev; James, Kedrian; Werner, Jan; Antonakakis, Manos; Polychronakis, Michalis; Monrose, Fabian

doi:10.1145/3427228.3427269

Cited by 5 publications

(3 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…If the queue is in the NORMAL or FULL state, the operation shall return the first available element (line 10). An additional CAS is used to mark the element as consumed by updating the head index (lines [11][12][13]. Similarly to the discussion on Algorithm 1, relying on a CAS operation on IDX ensures that if a writer has changed the queue state concurrently to the read, the reader is forced to observe again the updated state thanks to the CAS failure.…”

Section: F I G U R Ementioning

confidence: 99%

“…In this scenario, the capability to effectively monitor the behavior of applications using non‐intrusive facilities enables new applications of the autonomic computing paradigm 7,8 . In this direction, HPCs have been used in a myriad of applications, such as dynamic software profiling, 9 CPU power modeling, 2 children privacy protection, 10 failure prediction in computing systems, 11 random number generators, 12 or for the generation of test programs via fuzzing to enhance code coverage 13 just to mention a few diverse applications.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Strategies and software support for the management of hardware performance counters

Carnà

Marotta²,

Pellegrini

et al. 2023

Softw Pract Exp

View full text Add to dashboard Cite

Hardware performance counters (HPCs) are facilities offered by most off‐the‐shelf CPU architectures. They are a vital support to post‐mortem performance profiling and are exploited by standard tools such as Linux or Intel V‐Tune. Nevertheless, an increasing number of application domains (e.g., simulation, task‐based high‐performance computing, or cybersecurity) are exploiting them to perform different activities, such as self‐tuning, autonomic optimization, and/or system inspection. This repurposing of HPCs can be difficult, for example, because of the overhead for extracting relevant information. This overhead might render any online or self‐tuning activity ineffective. This article discusses various practical strategies to exploit HPCs beyond post‐mortem profiling, suitable for different application contexts. The presented strategies are accompanied by a general primer on HPCs usage on Linux. We also provide reference x86 (both Intel and AMD) implementations targeting the Linux kernel, upon which we present an experimental assessment of the viability of our proposals.

show abstract

Section: F I G U R Ementioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Strategies and software support for the management of hardware performance counters

Carnà

Marotta²,

Pellegrini

et al. 2023

Softw Pract Exp

View full text Add to dashboard Cite

show abstract

“…Further considerations for user permission details [34], hardware performance counters [35] or behaviour logs analysis [36] is beyond the scope of this work. Since some network sites do not maintain incident reports [37] or collect detailed security logs and others may not release the data due to restrictions in their distribution policies [22], this makes our statistical inference difficult to confirm.…”

Section: Threats To Validitymentioning

confidence: 99%

Challenges in Identifying Network Attacks Using Netflow Data

Chuah

Suri

Jhumka

et al. 2021

2021 IEEE 20th International Symposium on Network Computing and Applications (NCA)

View full text Add to dashboard Cite

Large networks often encounter attacks that can affect the network availability. While multiple techniques exist to detect network attacks, a comprehensive understanding of how an attack occurs considering the various layers and components of the network software stack, can be an important element to help improve network security. By performing correlation analysis on contemporary unlabeled Netflow data, this paper conducts a comprehensive study of network flow events to identify communication patterns that may precede an attack, thereby providing potentially useful attack signatures to network administrators.Our work shows that, surprisingly, the Netflow data is not strongly correlated to network attacks. We observe that while spoof requests trigger reflection attacks, only a small percentage of the network packets are associated with the attack. Furthermore, lead time enhancements are feasible for reflection attacks that show long dwell times. Our study on network event correlations highlights empirical observations that could facilitate better attack handling in large networks.

show abstract