Andreas Gal, Christian W. Probst, Michael Franz  Home/Search
Context
Related
| uci.edu/~franz/Site/...ICSTR0324.pdf Cached: PS.gz PS PDF This document uses CoBlitz to cache paper downloads. If your firewall is blocking outgoing connections to port 3125, you can use these links to download local copies.
Image Update HelpPS.gz PS PDF From: uci.edu/~franz/Site/news (more) Homepages: M.Franz |
Rate this article:      (best)Comment on this article |
Abstract: The safety of the Java Virtual Machine is founded on bytecode verification. Although verification complexity appears to roughly correlate with program size in the average case, its worst-case behavior is quadratic. This can be exploited for denial-of-service attacks using relatively short programs (applets or agents) specifically crafted to keep the receiving virtual machine's verifier busy for an inordinate amount of time. Instead of the existing... (Update)
Active bibliography (related documents): More All
0.9: Simple verification technique for complex Java bytecode subroutines - Coglio (2004) (Correct)
0.7: A Practical Mobile-Code Format with Linear Verification Effort - Wang, Franz (2003) (Correct)
0.7: Bytecode Verification by Model Checking - Basin, Friedrich, Gawkowski (2003) (Correct)
Similar documents based on text: More All
0.2: Virtual-Machine Driven Dynamic Voltage Scaling - Haldar, Probst.. (2003) (Correct)
0.2: Quality Prediction and Mistake Proofing - An LDRD Final Report - McDonald (1998) (Correct)
0.2: A Denial of Service Attack on the Java Bytecode - Gal (Correct)
BibTeX entry: (Update)
@misc{ gal-proofing,
author = "Andreas Gal and Christian W. Probst and Michael Franz",
title = "Proofing: An Efficient and Safe Alternative to Mobile-Code Verification",
url = "citeseer.ist.psu.edu/697917.html" }
Citations (may not include all citations):1399 Compilers: Principles (context) - Aho, Sethi et al. - 1986
862 The Java Language Specification - Gosling, Joy et al. - 1996
746 The Java Virtual Machine Specification (context) - Lindholm, Yellin - 1996
566 Proof-carrying code - Necula - 1997
415 Efficiently Computing Static Single Assignment Form and the .. - Cytron, Ferrante et al. - 1991
264 Safe Kernel Extensions Without Run-Time Checking - Necula, Lee - 1996
169 A Type System for Java Bytecode Subroutines - Stata, Abadi - 1999
109 The Type System for Object Initialization in the Java Byteco.. - Freund, Mitchell - 1999
64 Low level security in Java (context) - Yellin - 1995
58 Foundational Proof-Carrying Code - Appel - 2001
53 A Formal Specification of Java Virtual Machine Instructions .. - Qian - 1999
43 Java and the Java Virtual Machine: Definition (context) - ark, Schmid et al. - 2001
38 SafeTSA: A Type Safe and Referentially Secure Mobile-Code Re.. - Amme, Dalton et al. - 2001
29 Oracle-based Checking of Untrusted Software - Necula, Rahul - 2001
19 Standard Fixpoint Iteration for Java Bytecode Verification - Qian - 2000
16 Comprehensive Type System for Java Bytecode Subroutines (context) - O'Callahan, Simple - 1999
15 Proving Soundnes Java Bytecode Verifier Specification Isabel.. - the, Java et al. - 1999
14 Detecting Equality of Values in Programs (context) - Alpern, Wegman et al. - 1988
12 Theoretical Computer Science (context) - Klein, Nipkow et al. - 2003
10 Java Bytecode Verification: Algorithms and Formalizations - Leroy - 2003
7 A Linear Time Algorithm for Placing #-nodes (context) - Sreedhar, Gao - 1995
7 Verified Java Bytecode Verification (context) - Klein - 2003
6 Java Byte Code Verification by Model Checking (context) - Basin, Friedrich et al. - 1999
5 DJ-Graphs and their Applications to Flowgraph Analyses - Sreedhar, Gao et al. - 1994
5 Java Bytecode Verification is not possible (context) - ark, Schmid - 2001
5 Verified Bytecode Subroutines - Klein, Wildmoser - 2003
2 Improving the Official Specification of Java Bytecode Verifi.. - Coglio - 2001
2 A Denial of Service Attack on the Java Bytecode Verifier (context) - Gal, Probst et al. - 2003
1 The Mauve Project Home Page (context) - Green - 2003
1 Algorithms for Computing the Static Single Assignment Form - Bilardi, Pingali - 2003
1 Completeness of a Bytecode Verifier and a Certifying Java-to.. - ark, Schmid - 2003
1 Verified Bytecode Verification and type-certifying Compilati.. - Klein, Strecker - 2003
1 Code Generating Routers: A Network-Centric Approach to Mobil.. (context) - Probst, Gal et al. - 2003
1 A Formal Specfication of the Java Bytecode Language and Byte.. (context) - Freund, Mitchell - 1999
1 Global Value Numbering and Redundant Computations (context) - Rosen, Wegman et al. - 1988
Documents on the same site (http://www.ics.uci.edu/~franz/Site/news.html): More
Computing in the Network - Probst, Gal, Franz (Correct)
Supporting Software Composition at the Programming-Language.. - Franz, Fröhlich, Gal (Correct)
A Denial of Service Attack on the Java Bytecode - Gal (Correct)
Online articles have much greater impact More about CiteSeer.IST Add search form to your site Submit documents Feedback
CiteSeer.IST - Copyright Penn State and NEC