mirror of
https://github.com/papers-we-love/papers-we-love.git
synced 2024-10-27 20:34:20 +00:00
25 lines
2.0 KiB
Markdown
25 lines
2.0 KiB
Markdown
Security
|
||
===========
|
||
* [Reflections on Trusting Trust (1984)](http://www.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf)
|
||
* [Internet Census via Insecure Routers (2012)](https://www.researchgate.net/publication/279069631_The_Internet_Census_2012_Dataset_An_Ethical_Examination)
|
||
* [Looking inside the (Drop) Box (2013)](https://www.usenix.org/system/files/conference/woot13/woot13-kholia.pdf)
|
||
* [Making Programs Forget: Enforcing Lifetime For Sensitive Data (2011)](https://www.usenix.org/events/hotos11/tech/final_files/Kannan.pdf)
|
||
* [Breach: Reviving The Crime Attack (2013)](http://breachattack.com/resources/BREACH%20-%20SSL,%20gone%20in%2030%20seconds.pdf)
|
||
* [Why Silent Updates Boost Security (2009)](http://tik-old.ee.ethz.ch/file/ef72343372ca8659a9ae8a98873167c0/TIKReport302.pdf)
|
||
* [A survey of coordinated attacks and collaborative intrusion detection (2010)](https://www.sciencedirect.com/science/article/pii/S016740480900073X)
|
||
* [Zanzibar: Google’s Consistent, Global Authorization System (2019)](https://research.google/pubs/pub48190/)
|
||
|
||
* :scroll: [Macaroons: Cookies with Contextual Caveats for Decentralized Authorization in the Cloud (2014)](macaroons-cookies-with-contextual-caveats.pdf)
|
||
* :scroll: [Insertion, Evasion, and Denial of Service: eluding network intrusion detection (1998)](ids-evasion-ptacek-newsham.pdf)
|
||
|
||
## Hardware Security
|
||
|
||
* [Meltdown (2018)](https://meltdownattack.com/meltdown.pdf)
|
||
* [Spectre Attacks: Exploiting Speculative Execution (2018)](https://spectreattack.com/spectre.pdf)
|
||
* [DRAM Row Hammer (2014)](https://people.inf.ethz.ch/omutlu/pub/dram-row-hammer_isca14.pdf)
|
||
- Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors
|
||
|
||
* :scroll: [SoK: Eternal War in Memory (2013)](sok-eternal-war-in-memory.pdf)
|
||
- Classifies memory attacks into a taxonomy that is usable by both black- and white-hats.
|
||
- An excellent primer on the different memory-related vulnerabilities that exist, (more importantly) why they exist, and the ways in which various defences act to counter them.
|