Biblio

Filters: Author is Khalaj, Ebrahim  [Clear All Filters]
2017-05-30
Abi-Antoun, Marwan, Khalaj, Ebrahim, Vanciu, Radu, Moghimi, Ahmad.  2016.  Abstract Runtime Structure for Reasoning About Security: Poster. Proceedings of the Symposium and Bootcamp on the Science of Security. :1–3.

We propose an interactive approach where analysts reason about the security of a system using an abstraction of its runtime structure, as opposed to looking at the code. They interactively refine a hierarchical object graph, set security properties on abstract objects or edges, query the graph, and investigate the results by studying highlighted objects or edges or tracing to the code. Behind the scenes, an inference analysis and an extraction analysis maintain the soundness of the graph with respect to the code.

2014-09-17
Khalaj, Ebrahim, Vanciu, Radu, Abi-Antoun, Marwan.  2014.  Is There Value in Reasoning About Security at the Architectural Level: A Comparative Evaluation. Proceedings of the 2014 Symposium and Bootcamp on the Science of Security. :30:1–30:2.

We propose to build a benchmark with hand-selected test-cases from different equivalence classes, then to directly compare different approaches that make different tradeoffs to better understand which approaches find security vulnerabilities more effectively (better recall, better precision).