papers-we-love_papers-we-love/security/README.md
2023-09-04 17:57:07 -04:00

25 lines
2.0 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

Security
===========
* [Reflections on Trusting Trust (1984)](http://www.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf)
* [Internet Census via Insecure Routers (2012)](https://www.researchgate.net/publication/279069631_The_Internet_Census_2012_Dataset_An_Ethical_Examination)
* [Looking inside the (Drop) Box (2013)](https://www.usenix.org/system/files/conference/woot13/woot13-kholia.pdf)
* [Making Programs Forget: Enforcing Lifetime For Sensitive Data (2011)](https://www.usenix.org/events/hotos11/tech/final_files/Kannan.pdf)
* [Breach: Reviving The Crime Attack (2013)](http://breachattack.com/resources/BREACH%20-%20SSL,%20gone%20in%2030%20seconds.pdf)
* [Why Silent Updates Boost Security (2009)](http://tik-old.ee.ethz.ch/file/ef72343372ca8659a9ae8a98873167c0/TIKReport302.pdf)
* [A survey of coordinated attacks and collaborative intrusion detection (2010)](https://www.sciencedirect.com/science/article/pii/S016740480900073X)
* [Zanzibar: Googles Consistent, Global Authorization System (2019)](https://research.google/pubs/pub48190/)
* :scroll: [Macaroons: Cookies with Contextual Caveats for Decentralized Authorization in the Cloud (2014)](macaroons-cookies-with-contextual-caveats.pdf)
* :scroll: [Insertion, Evasion, and Denial of Service: eluding network intrusion detection (1998)](ids-evasion-ptacek-newsham.pdf)
## Hardware Security
* [Meltdown (2018)](https://meltdownattack.com/meltdown.pdf)
* [Spectre Attacks: Exploiting Speculative Execution (2018)](https://spectreattack.com/spectre.pdf)
* [DRAM Row Hammer (2014)](https://people.inf.ethz.ch/omutlu/pub/dram-row-hammer_isca14.pdf)
- Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors
* :scroll: [SoK: Eternal War in Memory (2013)](sok-eternal-war-in-memory.pdf)
- Classifies memory attacks into a taxonomy that is usable by both black- and white-hats.
- An excellent primer on the different memory-related vulnerabilities that exist, (more importantly) why they exist, and the ways in which various defences act to counter them.