Matt Bishop, Michael Dilger  Home/Search
Context Related
| ucdavis.edu/~bishop/...ucdecs9509.ps ucdavis.edu/~bishop/...ucdecs9509.ps ucdavis.edu/research/tec...CSE9510.ps Cached: PS.gz PS PDF This document uses CoBlitz to cache paper downloads. If your firewall is blocking outgoing connections to port 3125, you can use these links to download local copies.
Image Update HelpPS.gz PS PDF From: ucdavis.edu/~bishop/scriv...index (more) From: ucdavis.edu/~bishop/scriv/ (Enter author homepages) |
Rate this article:      (best)Comment on this article |
Abstract: We develop a theory of vulnerabilities and their signatures, and use this theory to categorize race conditions that occur when processes interact with files in the UNIX operating system and that present security vulnerabilities. We present a formal language for describing these vulnerabilities, and derive an underlying characteristic. Using this characteristic, we present a tool that analyzes programs for possible race conditions, and present the results of one such analysis in which five... (Update)
Cited by: More
Model Checking An Entire Linux Distribution for Security.. - Benjamin Schwarz Hao (Correct)
Policy and Implementation Assurance for Software Security - Wilander (2005) (Correct)
Dataflow Anomaly Detection - Bhatkar, Chaturvedi, Sekar (Correct)
Active bibliography (related documents): More All
2.7: Checking for Race Conditions in File Accesses - Matt Bishop (1996) (Correct)
0.2: A Taxonomy of UNIX System and Network Vulnerabilities - Bishop (1995) (Correct)
0.2: Vulnerabilities Analysis - Bishop (1999) (Correct)
Similar documents based on text: More All
0.5: . Threats (Attacks) Vulnerabilities and attacks - Before Studying Possible (Correct)
0.5: Water Sector: - Vulnerability And Adaptation (Correct)
0.3: A Critical Analysis of Vulnerability Taxonomies - Bishop, Bailey (1996) (Correct)
Related documents from co-citation: More All
10: Stackguard: Automatic adaptive detection and prevention of buffer-overflow attac.. - Cowan, Pu et al. - 1998
8: Checking system rules using system-specific (context) - Engler, Chelf et al. - 2000
8: FormatGuard: Automatic Protection From printf Format String Vulnerabilities - Cowan, Barringer et al.
BibTeX entry: (Update)
M. Bishop and M. Dilger. Checking for race conditions in file accesses. In The USENIX Association, Computing Systems, pages 131--152, Spring 1996. http://citeseer.ist.psu.edu/article/bishop96checking.html More
@article{ bishop96checking,
author = "Matt Bishop and Michael Dilger",
title = "Checking for Race Conditions in File Accesses",
journal = "Computing Systems",
volume = "9",
number = "2",
month = "Spring",
pages = "131--152",
year = "1996",
url = "citeseer.ist.psu.edu/article/bishop96checking.html" }
Citations (may not include all citations):476 Programming Language (context) - Kernighan, Ritchie et al. - 1978
292 BSD UNIX Operating System (context) - Leffler, McKusick et al. - 1989
265 The Design of the UNIX Operating System (context) - Bach - 1987
173 The UNIX Time-Sharing System - Ritchie, Thompson - 1974
121 An Intrusion Detection Model (context) - Denning - 1987
109 Operating Systems Design and Implementation (context) - Tanenbaum - 1987
88 The X Window System (context) - Scheifler, Gettys - 1987
58 A Pattern Matching Model for Misuse Intrusion Detection - Kumar, Spafford - 1994
52 Automated Detection of Vulnerabilities in Privileged Program.. - Ko, Fink et al. - 1994
35 A Taxonomy of Computer Program Security Flaws (context) - Landwehr, Bull et al. - 1994
31 Model-Based Intrusion Detection (context) - Garvey, Lunt - 1991
24 Operating System Penetration (context) - Linde - 1975
23 Security Analysis and Enhancements of Computer Operating Sys.. (context) - Abbott, Chin et al. - 1976
21 Property-Based Testing of Privileged Programs - Fink, Levitt - 1994
12 Protection Analysis Project Final Report (context) - Bisbey, Hollingsworth - 1978
10 org via anonymous ftp (context) - Vulnerabilities, CA- et al. - 1995
10 org via anonymous ftp (context) - Vulnerability, CA- et al. - 1990
10 org via anonymous ftp (context) - Vulnerability, CA- et al. - 1993
10 org via anonymous ftp (context) - Vulnerability, CERT et al. - 1994
10 org via anonymous ftp (context) - Vulnerabilities, CA- et al. - 1994
7 Sun Microsystems Inc (context) - UNIX - 1993
The graph only includes citing articles where the year of publication is known.
Documents on the same site (http://olympus.cs.ucdavis.edu/~bishop/scriv/index.html): More
A Security Analysis of the NTP Protocol - Bishop (1990) (Correct)
Computer Security in Introductory Programming Classes - Matt Bishop (1997) (Correct)
Teaching Computer Security - Bishop (1993) (Correct)
Online articles have much greater impact More about CiteSeer.IST Add search form to your site Submit documents Feedback
CiteSeer.IST - Copyright Penn State and NEC