From e01780962c3a96e931a06123e47e621e5d7f6bc1 Mon Sep 17 00:00:00 2001 From: FaresSalem Date: Fri, 27 Mar 2020 04:04:55 +0200 Subject: [PATCH] Adding Hardware Security as a new sub-research area (#596) * Create README.md * Rename security/HW Security/README.md to security/hardware_security/README.md * Rearranging files * Rearranging files * Delete sok-eternal-war-in-memory.pdf * Moving sok-eternal-war-in-memory.pdf * Fix dead link Updating the link for "Internet Census via Insecure Routers" * Add Hardware Security subsection --- security/README.md | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/security/README.md b/security/README.md index 0ad82bb..cf9fec4 100644 --- a/security/README.md +++ b/security/README.md @@ -1,17 +1,23 @@ -## Security - + Security +=========== * [Reflections on Trusting Trust (1984)](http://www.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf) -* [Internet Census via Insecure Routers (2012)](https://internetcensus2012.bitbucket.io/paper.html) +* [Internet Census via Insecure Routers (2012)](https://www.researchgate.net/publication/279069631_The_Internet_Census_2012_Dataset_An_Ethical_Examination) * [Looking inside the (Drop) Box (2013)](https://www.usenix.org/system/files/conference/woot13/woot13-kholia.pdf) * [Making Programs Forget: Enforcing Lifetime For Sensitive Data (2011)](https://www.usenix.org/events/hotos11/tech/final_files/Kannan.pdf) * [Breach: Reviving The Crime Attack (2013)](http://breachattack.com/resources/BREACH%20-%20SSL,%20gone%20in%2030%20seconds.pdf) * [Why Silent Updates Boost Security (2009)](http://www.techzoom.net/Papers/Browser_Silent_Updates_%282009%29.pdf) * [A survey of coordinated attacks and collaborative intrusion detection (2010)](https://www.tk.informatik.tu-darmstadt.de/fileadmin/user_upload/Group_TK/zhou2010survey.pdf) -* [Meltdown (2018)](https://meltdownattack.com/meltdown.pdf) -* [Spectre Attacks: Exploiting Speculative Execution (2018)](https://spectreattack.com/spectre.pdf) * :scroll: [Macaroons: Cookies with Contextual Caveats for Decentralized Authorization in the Cloud (2014)](macaroons-cookies-with-contextual-caveats.pdf) * :scroll: [Insertion, Evasion, and Denial of Service: eluding network intrusion detection (1998)](ids-evasion-ptacek-newsham.pdf) + +## Hardware Security + +* [Meltdown (2018)](https://meltdownattack.com/meltdown.pdf) +* [Spectre Attacks: Exploiting Speculative Execution (2018)](https://spectreattack.com/spectre.pdf) +* [DRAM Row Hammer (2014)](https://people.inf.ethz.ch/omutlu/pub/dram-row-hammer_isca14.pdf) + - Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors + * :scroll: [SoK: Eternal War in Memory (2013)](sok-eternal-war-in-memory.pdf) - Classifies memory attacks into a taxonomy that is usable by both black- and white-hats. - An excellent primer on the different memory-related vulnerabilities that exist, (more importantly) why they exist, and the ways in which various defences act to counter them.