Úlfar Erlingsson

Bibliometrics: publication history
Average citations per article: 39.97
Citation Count: 1,319
Publication count: 33
Publication years: 1996-2017
Available for download: 21
Average downloads per article: 785.00
Downloads (cumulative): 16,485
Downloads (12 Months): 2,690
Downloads (6 Weeks): 317
33 results found

Result 1 – 20 of 33
1 published by ACM
November 2017 ASHES '17: Proceedings of the 2017 Workshop on Attacks and Solutions in Hardware Security
Publisher: ACM
Bibliometrics:
Citation Count: 0
Downloads (6 Weeks): 14,   Downloads (12 Months): 18,   Downloads (Overall): 18

Full text available: PDF
For computer software, our security models, policies, mechanisms, and means of assurance were primarily conceived and developed before the end of the 1970's. However, since that time, software has changed radically: it is thousands of times larger, comprises countless libraries, layers, and services, and is used for more purposes, in ...
Keywords: hardware security, hardware-assisted software monitoring, computer security, data-driven security

2 published by ACM
October 2017 SOSP '17: Proceedings of the 26th Symposium on Operating Systems Principles
Publisher: ACM
Bibliometrics:
Citation Count: 0
Downloads (6 Weeks): 127,   Downloads (12 Months): 621,   Downloads (Overall): 621

Full text available: PDF
The large-scale monitoring of computer users' software activities has become commonplace, e.g., for application telemetry, error reporting, or demographic profiling. This paper describes a principled systems architecture---Encode, Shuffle, Analyze (ESA)---for performing such monitoring with high utility while also protecting user privacy. The ESA design, and its Prochlo implementation, are informed ...

3 published by ACM
November 2014 CCS '14: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security
Publisher: ACM
Bibliometrics:
Citation Count: 28
Downloads (6 Weeks): 75,   Downloads (12 Months): 681,   Downloads (Overall): 1,393

Full text available: PDF
Randomized Aggregatable Privacy-Preserving Ordinal Response, or RAPPOR, is a technology for crowdsourcing statistics from end-user client software, anonymously, with strong privacy guarantees. In short, RAPPORs allow the forest of client data to be studied, without permitting the possibility of looking at individual trees. By applying randomized response in a novel ...
Keywords: population statistics, cloud computing, crowdsourcing, privacy protection, statistical inference

4
August 2014 SEC'14: Proceedings of the 23rd USENIX conference on Security Symposium
Publisher: USENIX Association
Bibliometrics:
Citation Count: 39

Constraining dynamic control transfers is a common technique for mitigating software vulnerabilities. This defense has been widely and successfully used to protect return addresses and stack data; hence, current attacks instead typically corrupt vtable and function pointers to subvert a forward edge (an indirect jump or call) in the control-flow ...

5
August 2013 SEC'13: Proceedings of the 22nd USENIX conference on Security
Publisher: USENIX Association
Bibliometrics:
Citation Count: 12

Low-level Inlined Reference Monitors (IRM) such as control-flow integrity and software-based fault isolation can foil numerous software attacks. Conventionally, those IRMs are implemented through binary rewriting or transformation on equivalent low-level programs that are tightly coupled with a specific Instruction Set Architecture (ISA). Resulting implementations have poor retargetability to different ...

6 published by ACM
November 2012 ACM Transactions on Computer Systems (TOCS): Volume 30 Issue 4, November 2012
Publisher: ACM
Bibliometrics:
Citation Count: 7
Downloads (6 Weeks): 10,   Downloads (12 Months): 50,   Downloads (Overall): 474

Full text available: PDF
Fay is a flexible platform for the efficient collection, processing, and analysis of software execution traces. Fay provides dynamic tracing through use of runtime instrumentation and distributed aggregation within machines and across clusters. At the lowest level, Fay can be safely extended with new tracing primitives, including even untrusted, fully ...

7
April 2012 LEET'12: Proceedings of the 5th USENIX conference on Large-Scale Exploits and Emergent Threats
Publisher: USENIX Association
Bibliometrics:
Citation Count: 4

Software that processes rich content suffers from endemic security vulnerabilities. Frequently, these bugs are due to data confusion: discrepancies in how content data is parsed, composed, and otherwise processed by different applications, frameworks, and language runtimes. Data confusion often enables code injection attacks, such as cross-site scripting or SQL injection, ...

8 published by ACM
October 2011 SOSP '11: Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Publisher: ACM
Bibliometrics:
Citation Count: 17
Downloads (6 Weeks): 2,   Downloads (12 Months): 25,   Downloads (Overall): 312

Full text available: PDF
Fay is a flexible platform for the efficient collection, processing, and analysis of software execution traces. Fay provides dynamic tracing through use of runtime instrumentation and distributed aggregation within machines and across clusters. At the lowest level, Fay can be safely extended with new tracing primitives, including even untrusted, fully-optimized ...

9 published by ACM
June 2011 ACM SIGPLAN Notices - PLDI '11: Volume 46 Issue 6, June 2011
Publisher: ACM
Bibliometrics:
Citation Count: 24
Downloads (6 Weeks): 5,   Downloads (12 Months): 61,   Downloads (Overall): 735

Full text available: PDF
When dealing with dynamic, untrusted content, such as on the Web, software behavior must be sandboxed, typically through use of a language like JavaScript. However, even for such specially-designed languages, it is difficult to ensure the safety of highly-optimized, dynamic language runtimes which, for efficiency, rely on advanced techniques such ...
Keywords: just-in-time compilation, software fault isolation, sandboxing, security, self-modifying code
Also published in:
June 2011  PLDI '11: Proceedings of the 32nd ACM SIGPLAN Conference on Programming Language Design and Implementation

10
May 2011 SP '11: Proceedings of the 2011 IEEE Symposium on Security and Privacy
Publisher: IEEE Computer Society
Bibliometrics:
Citation Count: 31

JavaScript is widely used to provide client-side functionality in Web applications. To provide services ranging from maps to advertisements, Web applications may incorporate untrusted JavaScript code from third parties. The trusted portion of each application may then expose an API to untrusted code, interposing a reference monitor that mediates access ...
Keywords: Language-Based Security, Points-to Analysis, APIs, Javascript

11 published by ACM
December 2009 ACM SIGPLAN Notices: Volume 44 Issue 8, August 2009
Publisher: ACM
Bibliometrics:
Citation Count: 0

Transactional Memory Introspection (TMI) is a novel reference monitor architecture that provides complete mediation, freedom from time of check to time of use bugs and improved failure handling for authorization. TMI builds on and integrates with implementations of the Software Transactional Memory (STM) architecture [Harris and Fraser 2003]. In this ...

12 published by ACM
November 2009 ACM Transactions on Information and System Security (TISSEC): Volume 13 Issue 1, October 2009
Publisher: ACM
Bibliometrics:
Citation Count: 74
Downloads (6 Weeks): 24,   Downloads (12 Months): 331,   Downloads (Overall): 2,842

Full text available: PDF
Current software attacks often build on exploits that subvert machine-code execution. The enforcement of a basic safety property, control-flow integrity (CFI), can prevent such attacks from arbitrarily controlling program behavior. CFI enforcement is simple and its guarantees can be established formally, even with respect to powerful adversaries. Moreover, CFI enforcement ...
Keywords: Binary rewriting, inlined reference monitors, vulnerabilities, control-flow graph

13 published by ACM
June 2009 PLAS '09: Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
Publisher: ACM
Bibliometrics:
Citation Count: 2
Downloads (6 Weeks): 0,   Downloads (12 Months): 9,   Downloads (Overall): 104

Full text available: PDF
Transactional Memory Introspection (TMI) is a novel reference monitor architecture that provides complete mediation, freedom from time of check to time of use bugs and improved failure handling for authorization. TMI builds on and integrates with implementations of the Software Transactional Memory (STM) architecture [Harris and Fraser 2003]. In this ...
Keywords: transactional memory, reference monitors

14 published by ACM
February 2009 ACM SIGPLAN Notices: Volume 43 Issue 12, December 2008
Publisher: ACM
Bibliometrics:
Citation Count: 0
Downloads (6 Weeks): 1,   Downloads (12 Months): 25,   Downloads (Overall): 929

Full text available: PDF
Software security has been traditionally enforced at the level of operating systems. However, operating systems have become increasingly large and complex, and it is very difficult--if not impossible--to enforce software security solely through them. Moreover, operating-system security allows dealing primarily with access-control policies on resources such as files and network ...
Keywords: programming languages, security, program analysis, language-based security

15
December 2008 OSDI'08: Proceedings of the 8th USENIX conference on Operating systems design and implementation
Publisher: USENIX Association
Bibliometrics:
Citation Count: 250

DryadLINQ is a system and a set of language extensions that enable a new programming model for large scale distributed computing. It generalizes previous execution environments such as SQL, MapReduce, and Dryad in two ways: by adopting an expressive data model of strongly typed .NET objects; and by supporting general-purpose ...

16 published by ACM
October 2008 CCS '08: Proceedings of the 15th ACM conference on Computer and communications security
Publisher: ACM
Bibliometrics:
Citation Count: 9
Downloads (6 Weeks): 0,   Downloads (12 Months): 18,   Downloads (Overall): 570

Full text available: PDF
Correct enforcement of authorization policies is a difficult task, especially for multi-threaded software. Even in carefully-reviewed code, unauthorized access may be possible in subtle corner cases. We introduce Transactional Memory Introspection (TMI), a novel reference monitor architecture that builds on Software Transactional Memory--a new, attractive alternative for writing correct, multi-threaded ...
Keywords: reference monitors, transactional memory

17 published by ACM
June 2007 PLAS '07: Proceedings of the 2007 workshop on Programming languages and analysis for security
Publisher: ACM
Bibliometrics:
Citation Count: 19
Downloads (6 Weeks): 0,   Downloads (12 Months): 23,   Downloads (Overall): 1,441

Full text available: PDF
In recent years, the security landscape has changed, with Web application vulnerabilities becoming more prominent than vulnerabilities stemming from the lack of type safety, such as buffer overruns. Many reports point to code injection attacks such as cross-site scripting and RSS injection as being the most common attacks against Web ...
Keywords: code injection attacks, software security, same-origin policy, software construction frameworks

18
May 2007 HOTOS'07: Proceedings of the 11th USENIX workshop on Hot topics in operating systems
Publisher: USENIX Association
Bibliometrics:
Citation Count: 19

Web applications are important, ubiquitous distributed systems whose current security relies primarily on server-side mechanisms. This paper makes the end-to-end argument that the client and server must collaborate to achieve security goals, to eliminate common security exploits, and to secure the emerging class of rich, cross-domain Web applications referred to ...

19
January 2007 Foundations of security analysis and design IV
Publisher: Springer-Verlag
Bibliometrics:
Citation Count: 7

This tutorial paper considers the issues of low-level software security from a language-based perspective, with the help of concrete examples. Four examples of low-level software attacks are covered in full detail; these examples are representative of the major types of attacks on C and C++ software that is compiled into ...

20
November 2006 OSDI '06: Proceedings of the 7th USENIX Symposium on Operating Systems Design and Implementation - Volume 7
Publisher: USENIX Association
Bibliometrics:
Citation Count: 67

XFI is a comprehensive protection system that offers both flexible access control and fundamental integrity guarantees, at any privilege level and even for legacy code in commodity systems. For this purpose, XFI combines static analysis with inline software guards and a two-stack execution model. We have implemented XFI for Windows ...



The ACM Digital Library is published by the Association for Computing Machinery. Copyright © 2018 ACM, Inc.